General

  • Target

    777743ae6d9e05a9bc331ed41e488d7c7caafaf5306a1c3520af19f56ee4a906.exe

  • Size

    707KB

  • MD5

    1e904100823bf91348b14437a5378f65

  • SHA1

    a1c9a2f2d7905d88aa4a4da7896035f9a5824349

  • SHA256

    777743ae6d9e05a9bc331ed41e488d7c7caafaf5306a1c3520af19f56ee4a906

  • SHA512

    4ad2d975e9b6bc0dac78456735f354aad3130123723a42429bc3d17bb86a6db81c94a2c67d4148e13baae0eeb325f0e5b27f07cffc04dff653bec3b3c93d0b40

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1Z8Vvnh:6uaTmkZJ+naie5OTamgEoKxLW8Rh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 777743ae6d9e05a9bc331ed41e488d7c7caafaf5306a1c3520af19f56ee4a906.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

