General

  • Target

    de0f5ab34ee1030dbe235aa2459db3b60716588b9bcb2e864f94525290289de8.exe

  • Size

    707KB

  • MD5

    fc318a5ecf8e1d5fd219e44e4b8f4f12

  • SHA1

    fc6b7f4a53281c47dbac99dbb5976aceb532b983

  • SHA256

    de0f5ab34ee1030dbe235aa2459db3b60716588b9bcb2e864f94525290289de8

  • SHA512

    fd277299eca452e925a66952f5bdf2cc77899d4fb3339096397b60a879198d32165e2a7a9c1d763d2dc128f86bdfa56a538d26cf84084dcb55fc862347602059

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1+8svnh:6uaTmkZJ+naie5OTamgEoKxLWVyh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • de0f5ab34ee1030dbe235aa2459db3b60716588b9bcb2e864f94525290289de8.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

