General

  • Target

    9142656697dcdb67595f95ff9ea8e3672da1f38e5aa93cd17a5ba92bc207fa2a.exe

  • Size

    707KB

  • MD5

    11f8be4ba972c419c63d7a898a17eb86

  • SHA1

    981ae8b3cbb0a74dd0efd00c02dada261c6f273f

  • SHA256

    9142656697dcdb67595f95ff9ea8e3672da1f38e5aa93cd17a5ba92bc207fa2a

  • SHA512

    749e290f40de473c037148710eef5383ec5bfe1a9ec280dd1bd13bdcd72aebde6c4bd262176662dfdffbff9756e14c5ec852540262f5eeebe7e582ccd15444c5

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1v8avnh:6uaTmkZJ+naie5OTamgEoKxLWm0h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9142656697dcdb67595f95ff9ea8e3672da1f38e5aa93cd17a5ba92bc207fa2a.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

