General

  • Target

    a34058c568a064fe9c608c90cc56b5a442ac1c269117944945bc06ba92b983c9.exe

  • Size

    707KB

  • MD5

    3a1ddc5ad480375211480e13f0b1e38d

  • SHA1

    697dadb842dfde6d17a3aa1177f22c4757b6a22a

  • SHA256

    a34058c568a064fe9c608c90cc56b5a442ac1c269117944945bc06ba92b983c9

  • SHA512

    4c9cec53e6543d02b69b932e99696693549dd22f5fc2f8cb9267633bf12de4c0dfc5df8b67ba5856faecda2747fdf34c1cd70f7ead5c98db314a2854e1773719

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1O8Yvnh:6uaTmkZJ+naie5OTamgEoKxLWtmh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoCs)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoCs)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoCs)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoCs)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoCs)
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • a34058c568a064fe9c608c90cc56b5a442ac1c269117944945bc06ba92b983c9.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

