General

  • Target

    a358bf628aafff98c9991ff7e1fe12ed984d2477519576ba6e825be7f192b08a.exe

  • Size

    707KB

  • MD5

    23912d53ed753c637b6082b35ec949ec

  • SHA1

    09002005a7f5d928754208361e444dbf0eac76af

  • SHA256

    a358bf628aafff98c9991ff7e1fe12ed984d2477519576ba6e825be7f192b08a

  • SHA512

    d9d9fef83269b4955062cf9d232020bda28b6fa1e656ca4c252c43783b4a3eefb98729898f0aa154ab3b7afd23f7d240cd96b121c740ffaaefe1c3da5f650e95

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1d8xvnh:6uaTmkZJ+naie5OTamgEoKxLWQlh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a358bf628aafff98c9991ff7e1fe12ed984d2477519576ba6e825be7f192b08a.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

