General

  • Target

    8e497366b1f7b06a9ef82ed6fa0a2343f9d2ec9ae05d05b593dddaf95c207e69.exe

  • Size

    707KB

  • MD5

    5c8b32eaa11552c333cc8aabaed61bbb

  • SHA1

    151b0337ed888cf30908422b5e196e13ab573b02

  • SHA256

    8e497366b1f7b06a9ef82ed6fa0a2343f9d2ec9ae05d05b593dddaf95c207e69

  • SHA512

    872defa0afcd38ed76167bc4eff93c56e20fdcda4b05c9a112c3136cc3f56684e54df9b500b8943765ed68e77faceb07ea8fd1a11a93f8808bcc68d577f99934

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1/8mvnh:6uaTmkZJ+naie5OTamgEoKxLWuYh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8e497366b1f7b06a9ef82ed6fa0a2343f9d2ec9ae05d05b593dddaf95c207e69.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

