General

  • Target

    dada418193e75f2249ab4693d63f644eb609dc9574188e838b0be0da93c9040a.exe

  • Size

    707KB

  • MD5

    5b595bcc42aa0dd330c30dd2f3ca3abe

  • SHA1

    723e02ea8abd38962c5d64f8da10c0be76379192

  • SHA256

    dada418193e75f2249ab4693d63f644eb609dc9574188e838b0be0da93c9040a

  • SHA512

    58255ba68dbe5c4bd78c95dd77759bdb45bca91ff27918fd35b5b3b3e2fcfcd8e26e2c366aa4603e3fc9ba8083d7e17698cd4a70d02c75c26edc04f96ef4a4e7

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1e8Qvnh:6uaTmkZJ+naie5OTamgEoKxLWdOh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • dada418193e75f2249ab4693d63f644eb609dc9574188e838b0be0da93c9040a.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

