General

  • Target

    914efe5d26112b6f16ef672db76d89bc825082e2fb267521c9b1e390caf8aab8.exe

  • Size

    707KB

  • MD5

    2c292574eeebff688a283166cf079c8c

  • SHA1

    bf795e9a4933a24f4695a637cdb64c1a0b2d5533

  • SHA256

    914efe5d26112b6f16ef672db76d89bc825082e2fb267521c9b1e390caf8aab8

  • SHA512

    beed50c67e2b3bc6cd502d13158e7024f462f81023f38b6e7a165630597087af8162cb677e2805e2faab9c83789b6bfebeb1a438149012ccd82fa1734ff7c806

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1S84vnh:6uaTmkZJ+naie5OTamgEoKxLWJGh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 914efe5d26112b6f16ef672db76d89bc825082e2fb267521c9b1e390caf8aab8.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

