General

  • Target

    aadf0b9212696488584b9d96dd57040c6563a9eb4dd1859c4ad3be2111bf916b.exe

  • Size

    707KB

  • MD5

    a6f068c94d18ba1c50ca3b472da9202b

  • SHA1

    50958024bcbc7dbd1d4619424b31f82b3e923490

  • SHA256

    aadf0b9212696488584b9d96dd57040c6563a9eb4dd1859c4ad3be2111bf916b

  • SHA512

    d38a26dd59275af676d48f5b332c98c1cab7bab4530a9f386c253470ca7217481e0e8d2f519f03112793b5577c52bb9064da98ba2586a2415e4386bd0aea61c3

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1w8bvnh:6uaTmkZJ+naie5OTamgEoKxLW7Lh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • aadf0b9212696488584b9d96dd57040c6563a9eb4dd1859c4ad3be2111bf916b.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

