General

  • Target

    f31a71679f57c464d140177f8fe764f822cbd8d71476edadf4199c7a51f56474.exe

  • Size

    707KB

  • MD5

    e331816d3a30193d046b1876afafc5c7

  • SHA1

    95254de9162f274f99151534da716f0b07b498f9

  • SHA256

    f31a71679f57c464d140177f8fe764f822cbd8d71476edadf4199c7a51f56474

  • SHA512

    517d8e011b4c9a508adc7943f2e604cfe81078cb981e11713755903714fc3a72a15f3c32422192fece314a0a5f177ab371b546fa27a23e4c793339906b825310

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1W85vnh:6uaTmkZJ+naie5OTamgEoKxLWF9h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f31a71679f57c464d140177f8fe764f822cbd8d71476edadf4199c7a51f56474.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

