General

  • Target

    822d14a87e657434b0157f3fa02ef31606fd11bb05cb9ea3f27dff9b93863ee0.exe

  • Size

    707KB

  • MD5

    faa0fe86014bdd61e8243e8f8b39df32

  • SHA1

    54afabea87584705cda37ce2c7985226b38f732e

  • SHA256

    822d14a87e657434b0157f3fa02ef31606fd11bb05cb9ea3f27dff9b93863ee0

  • SHA512

    58e81b797815eac20b67951868d13f388fce34bccf2420b2b117c114170a43c6890dfdcf89144281d8c547a0d904c28344ecafbcf04da036b96715369204ecd4

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1H8Qvnh:6uaTmkZJ+naie5OTamgEoKxLWWOh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 822d14a87e657434b0157f3fa02ef31606fd11bb05cb9ea3f27dff9b93863ee0.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

