General

  • Target

    a0d84ba2972d70b716c355d09de4e0e303980280acc42089f0af0e0469cec985.exe

  • Size

    707KB

  • MD5

    c70b6cfd3a1b424a843bfb9071bdac9b

  • SHA1

    f9f4bfd426a8f4726bb8652ef1f1d8eca94f8b01

  • SHA256

    a0d84ba2972d70b716c355d09de4e0e303980280acc42089f0af0e0469cec985

  • SHA512

    a2165eac840665ee4c9c9f4a5b9d7aa0752a3c00a4bb4f9f322fb732f62475f59e2e37788520cd3e1d63e206bac78bb3b9f4ae6f6fcebb79a28c1c953c4d80a7

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1N8Lvnh:6uaTmkZJ+naie5OTamgEoKxLWobh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a0d84ba2972d70b716c355d09de4e0e303980280acc42089f0af0e0469cec985.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

