General

  • Target

    a0c93911059999cc71d5cfa457dbea084e0acde9cd671cec9984d209d00ea725.exe

  • Size

    707KB

  • MD5

    01d2a7c86edfae86ffdb8a454b862cc5

  • SHA1

    43a48eaccf9e15ec3b7bfd5a48f3182ec9e55455

  • SHA256

    a0c93911059999cc71d5cfa457dbea084e0acde9cd671cec9984d209d00ea725

  • SHA512

    ea27cc00c99f56248230b335c1c73cf6ea5bd2572b2ba7a02f72a5876d552446c2f552864649f94d44863422089db92ebb133373870b18c446f4c3c9c431244d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1E8Zvnh:6uaTmkZJ+naie5OTamgEoKxLWndh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoCs)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoCs)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoCs)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoCs)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoCs)
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • a0c93911059999cc71d5cfa457dbea084e0acde9cd671cec9984d209d00ea725.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

