General

  • Target

    fa8c351db5863d53174d241b6b3775b4e0737709c3b690481500ee31cfa87df5.exe

  • Size

    707KB

  • MD5

    7c4aea9a24cd866c2fbb06163a981fed

  • SHA1

    471502b9a15c151f96e3d2ddf00dbab87b470749

  • SHA256

    fa8c351db5863d53174d241b6b3775b4e0737709c3b690481500ee31cfa87df5

  • SHA512

    339ff308f33bd83f698cf8b51a8d9d768c0ef5c0373a74d1f4e53f03f18bd8568dd8a7a3569eb0699c04bb2a5add8804b2340873e77ad3a1a94a7273064ebc42

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1Y8tvnh:6uaTmkZJ+naie5OTamgEoKxLWzZh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fa8c351db5863d53174d241b6b3775b4e0737709c3b690481500ee31cfa87df5.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

