General

  • Target

    e48ed294de2f4168a5dc6c055ab47ca4e640a606e4cc180c28c1d5b9873f590e.exe

  • Size

    707KB

  • MD5

    1fe02c5149ccbb7f0f7f7de66ba9aac5

  • SHA1

    42e8a221af5058e0a34abefd88c1d1cb511bec84

  • SHA256

    e48ed294de2f4168a5dc6c055ab47ca4e640a606e4cc180c28c1d5b9873f590e

  • SHA512

    975eb0379fd7fc2c66cf3385a1c7d5d18dca5c8e40bf55c5981df6a06d7fa19ede650968267b9ae10847fec70ec081aebaeaa0e5ce2dddb492d396838f9e2272

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1s8fvnh:6uaTmkZJ+naie5OTamgEoKxLWf3h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e48ed294de2f4168a5dc6c055ab47ca4e640a606e4cc180c28c1d5b9873f590e.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

