General

  • Target

    d64b48626ec6a27f80923b697a50c5e97584ee880d66fce3fa16f7b7d0406d46.exe

  • Size

    707KB

  • MD5

    41c2b8be01a2f2b9acf3e3db978dd767

  • SHA1

    5a1a7d6c7e26c78a159efdde7558cec5548a3287

  • SHA256

    d64b48626ec6a27f80923b697a50c5e97584ee880d66fce3fa16f7b7d0406d46

  • SHA512

    800429240fabc35ce991e549571b35abe5efdb4a2674c1ffac1e46417e5f9a011411a4446162fec3d37c4ad290e2144b6b079e7f637d0ae30bfe0789fb96633a

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1f8Gvnh:6uaTmkZJ+naie5OTamgEoKxLW24h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d64b48626ec6a27f80923b697a50c5e97584ee880d66fce3fa16f7b7d0406d46.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

