General

  • Target

    a10706bdc8bd5e2e50a12cfa44ae0a9d124ff1e66fb9b9caaa9871356306a9e3.exe

  • Size

    707KB

  • MD5

    73e326c9de868f7657c976004d73cd3f

  • SHA1

    7f118747fac6e7a4c6b461a752d6be1719990960

  • SHA256

    a10706bdc8bd5e2e50a12cfa44ae0a9d124ff1e66fb9b9caaa9871356306a9e3

  • SHA512

    a47d688826e926e2a8df576af4198574289aa0b56292c2cce7e3c4856ef3e0895a40ccdfb9e4bacc384465a0573b6ce63b52232366bc37bde02baa7f7d3e03e4

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1w8vvnh:6uaTmkZJ+naie5OTamgEoKxLWjnh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a10706bdc8bd5e2e50a12cfa44ae0a9d124ff1e66fb9b9caaa9871356306a9e3.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

