General

  • Target

    81f652ac68598add7debab5d207db8df09810fe0117a959bc99ff73e7274065d.exe

  • Size

    707KB

  • MD5

    35fc5d6885b298f325a9c1e0533655ff

  • SHA1

    e990694b96e5df1d2ae65fdd37464715e97d19a9

  • SHA256

    81f652ac68598add7debab5d207db8df09810fe0117a959bc99ff73e7274065d

  • SHA512

    035408759751a93b05da3074919e261fafb13faa0d7e52c8cd0d2299ba5fcbc13e9848183b2cdbe29524251145b3e01f5b5c11536b89c1abccd7a95c163eec65

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1X8kvnh:6uaTmkZJ+naie5OTamgEoKxLWeah

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 81f652ac68598add7debab5d207db8df09810fe0117a959bc99ff73e7274065d.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

