General

  • Target

    cc8e424e91cdf3573c3d2d597fbf945c183f2efc2653b11f042ffb20b62aa476.exe

  • Size

    707KB

  • MD5

    305b149acdcf7c23de3695ca66460cae

  • SHA1

    8cfea572c5537b4749cc003bea576deb2b971c4d

  • SHA256

    cc8e424e91cdf3573c3d2d597fbf945c183f2efc2653b11f042ffb20b62aa476

  • SHA512

    70d4c47eb99adc183b3e46101346a9c65b227ba71c3d5d79034e71070e187cf4fb58e4b387427818d83dab04c58a880ee2c9abdad828af114f237bd66f6e46ff

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1j8ovnh:6uaTmkZJ+naie5OTamgEoKxLWCWh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • cc8e424e91cdf3573c3d2d597fbf945c183f2efc2653b11f042ffb20b62aa476.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

