General

  • Target

    db6e9afa6d7eed242e326d34ea65aa5485cc2c90705f9f68541c85a77a1be531.exe

  • Size

    707KB

  • MD5

    3969e1ae286fc9b3d1e8bf8eb0914d5b

  • SHA1

    75b6371812c5c2384a66d027257127236712739a

  • SHA256

    db6e9afa6d7eed242e326d34ea65aa5485cc2c90705f9f68541c85a77a1be531

  • SHA512

    a915163b7786c80056573e88c2f5963f387a9cae41383fb2ae720ccc8991d0b8d77b8a0679c6e660d29e764cfca902633a0dae0a53ee4adc3573ee8d797dfd60

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1k8mvnh:6uaTmkZJ+naie5OTamgEoKxLWnYh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • db6e9afa6d7eed242e326d34ea65aa5485cc2c90705f9f68541c85a77a1be531.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

