General

  • Target

    a8da390d622f5af51cf6610fcbbbe50363a65cfac16e89af39f3759935896724.exe

  • Size

    707KB

  • MD5

    cf24845c879ec8037439dd550e7c32a7

  • SHA1

    5af3e2585fe0bb26ea3a5b2e2b6fff8818b93246

  • SHA256

    76e9529ba8b5ba3cb394fb89108871b0101d5c7cdabcd65e2e4d9016837d8c65

  • SHA512

    6c5205f7bd305f8a7a6d252518b0f944dba5d86c7af9458cd08e54b3fca02e517783f742330d7ba2fc7eb1d94bb52abe8cd1841ab428b8e4f82856e0ffa2257f

  • SSDEEP

    6144:QcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1R8Ovnh:auaTmkZJ+naie5OTamgEoKxLWkQh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a8da390d622f5af51cf6610fcbbbe50363a65cfac16e89af39f3759935896724.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

