General

  • Target

    ea735f39807bf2b4185014d0a5c59a3a7e295e541be1792a55b5ff31cc2f8ede.exe

  • Size

    707KB

  • MD5

    a6738c655c1f5f32c06cc44659876557

  • SHA1

    b4aaa44f486f2c0a9a16702ed5ac174774e4c857

  • SHA256

    ea735f39807bf2b4185014d0a5c59a3a7e295e541be1792a55b5ff31cc2f8ede

  • SHA512

    110189066a838cf6c895a0bb52911a6abeb4cee4c6027dbbe5e428148e4b536a77e45f193deadf28b9efac834a9a487422e88dc1292d927f4692e2e7b34199ed

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1z8Fvnh:6uaTmkZJ+naie5OTamgEoKxLWShh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ea735f39807bf2b4185014d0a5c59a3a7e295e541be1792a55b5ff31cc2f8ede.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

