General

  • Target

    71557cc63b41199f72bfe55811eef6c99a043b17c054d3db0dbc0f20c9da1238.exe

  • Size

    707KB

  • MD5

    5441b0519a931d636d9ed2e166e445e9

  • SHA1

    212548879b2d0918b973c3871c590b5fa9fa768b

  • SHA256

    71557cc63b41199f72bfe55811eef6c99a043b17c054d3db0dbc0f20c9da1238

  • SHA512

    26e4441848d62e4daf1fbbd393146da58c4cda92f9a4c32b482741191a305264112bb4a468bf573abfa121914cce244315018dab563ffde287283fc044c8c283

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1t8Yvnh:6uaTmkZJ+naie5OTamgEoKxLWomh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 71557cc63b41199f72bfe55811eef6c99a043b17c054d3db0dbc0f20c9da1238.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

