General

  • Target

    e2784dc5804e8a2e03f5c99139676deada231b4737c1ad94d92b8928fcc76c7c.exe

  • Size

    707KB

  • MD5

    55936d375cfab799e16e59c16bc8dcdc

  • SHA1

    d2f0945ae9b2a2878d2f32a583f87d4f7fc6900d

  • SHA256

    e2784dc5804e8a2e03f5c99139676deada231b4737c1ad94d92b8928fcc76c7c

  • SHA512

    5db43f007a65f4a88100bde8ae22a984a761f641de51ed2758a28d44b1c3646f76bd0a045638cedd24f634f47fd24bccddc852fea94009f42113b80c89f417b4

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1L8mvnh:6uaTmkZJ+naie5OTamgEoKxLWaYh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e2784dc5804e8a2e03f5c99139676deada231b4737c1ad94d92b8928fcc76c7c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

