General

  • Target

    d5c9d60ab6267dda12aa92abd845f7e304e8e416a8f98e69b2dbef743418259b.exe

  • Size

    707KB

  • MD5

    6b4bbf0f77b51f0154131f9536904e50

  • SHA1

    51f180ec7afcc3f92dce06a5ba438fc80c50b3ef

  • SHA256

    d5c9d60ab6267dda12aa92abd845f7e304e8e416a8f98e69b2dbef743418259b

  • SHA512

    781cfef2589b052582eb6633bb2e24376dc8cfdabd3ec1acb70f811cf7d57e862569965a8384e6feb506a4448bcf830f063c3dcde1ee96068a6b93bf31f52d57

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1p85vnh:6uaTmkZJ+naie5OTamgEoKxLWM9h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d5c9d60ab6267dda12aa92abd845f7e304e8e416a8f98e69b2dbef743418259b.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56


