General

  • Target

    a27c8ab26a050674add24a25ae427a9065400f45cb9e5bd49f265e516c71f361.exe

  • Size

    707KB

  • MD5

    d7e7da5e3d6892e3a418e000b5802ddb

  • SHA1

    88155907506407813cb9a640b947b3a455505bd1

  • SHA256

    a27c8ab26a050674add24a25ae427a9065400f45cb9e5bd49f265e516c71f361

  • SHA512

    77854b1f324908611c26c63f3cd62d599bbe3576521e80b66fe9d493fa0254b75414cfefbd4393f8d2df3eb58c0d21c9423003ae21f50a3ea3e80484e7a9b21f

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza168bvnh:6uaTmkZJ+naie5OTamgEoKxLWBLh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a27c8ab26a050674add24a25ae427a9065400f45cb9e5bd49f265e516c71f361.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

