General

  • Target

    91a2e3bf494fda25fdadc1bf8e1f6038cbcd9741781757934aa947988a9eaf55.exe

  • Size

    707KB

  • MD5

    8375dcc2dc0ee44547a2aee2a6b1faae

  • SHA1

    cd41ba8ae57b7c4a5430173b672f6aa9bc836c2a

  • SHA256

    91a2e3bf494fda25fdadc1bf8e1f6038cbcd9741781757934aa947988a9eaf55

  • SHA512

    049fcafac8f5d96500f45b6a8a862d80347976e4554dd611bb3a67cb704cce428c071da54ad87597ad3b3f656bc6d1ace227dbcd21ef79d3b05b09ed5df60e0d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1c82vnh:6uaTmkZJ+naie5OTamgEoKxLWXIh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 91a2e3bf494fda25fdadc1bf8e1f6038cbcd9741781757934aa947988a9eaf55.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

