General

  • Target

    8a446e45d0f6d829a0b528d21cae7f97b01136e10aece6c7ca797ebcbdc8d6c6.exe

  • Size

    707KB

  • MD5

    2db66d1bb120b675feea1951d2b442c9

  • SHA1

    a00e1236fbf676e94ed7945a99a3b2a673138ba0

  • SHA256

    8a446e45d0f6d829a0b528d21cae7f97b01136e10aece6c7ca797ebcbdc8d6c6

  • SHA512

    38e41270dcfdc0932b7af0119a6c1fc8f81bdd720bf8248af63cff0d8e7d6df50f82d2e6b20b3dfdbc055bf8f262356c80a34358cb3a034d82bc8ae603604498

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza148hvnh:6uaTmkZJ+naie5OTamgEoKxLWL1h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8a446e45d0f6d829a0b528d21cae7f97b01136e10aece6c7ca797ebcbdc8d6c6.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

