General

  • Target

    e774e8acb0054c776b53c0a35b7c4d016eb00257bd920f537de74ea825612ebf.exe

  • Size

    707KB

  • MD5

    3db587c52d2e0c9fc90b11f20cf084a7

  • SHA1

    f46f7df1ac6ca6a51bcef85d3d0001bd4c7fa93c

  • SHA256

    7ba761b410f024714b98c03cd0e1f85b79f49d4a280d96881029e054238e01ee

  • SHA512

    fd76f81b2a49a195792f8eeea5bf93695fb676e82fed1bebc62ffd30ef57458f675aaaf3b0e25e8dfc951e4501fa8db6145694a92d103ab18a2ad1a5ede28ff6

  • SSDEEP

    6144:/cmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1n8Wvnh:TuaTmkZJ+naie5OTamgEoKxLWWoh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e774e8acb0054c776b53c0a35b7c4d016eb00257bd920f537de74ea825612ebf.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

