General

  • Target

    cc66ba5564bd55419845f899968bfea6b442203d82e1d6fdf9738d61e8ca223f.exe

  • Size

    707KB

  • MD5

    74693ed9bf52fe8dc5bd9f6fe21c124a

  • SHA1

    3e04de70bf45e269774d7adba6180e5316df438b

  • SHA256

    cc66ba5564bd55419845f899968bfea6b442203d82e1d6fdf9738d61e8ca223f

  • SHA512

    eecd5fff0ed422f9a0828b283fc13804dcd09e56d84d42c6befcf83b433c51fa4073f576537c43df26dd7a632bb7b269601f3a6e99e70aff63953a7f6393f3fe

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1L8qvnh:6uaTmkZJ+naie5OTamgEoKxLW6kh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • cc66ba5564bd55419845f899968bfea6b442203d82e1d6fdf9738d61e8ca223f.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

