General

  • Target

    10efecc98e587ee32622c6b7844e46f2f08d57dc3bf0db523b645f611959ce48

  • Size

    707KB

  • MD5

    7cb16cfb03a4fa6c43cdb8664a746f0e

  • SHA1

    850977b39d6f0ae9c184bb21e6134d2fdff1e8b4

  • SHA256

    10efecc98e587ee32622c6b7844e46f2f08d57dc3bf0db523b645f611959ce48

  • SHA512

    45b188f7cebe1b10287da813485f671f5b0942f5410e9e0b94b81961a906997044a07d2d2ed8140791302aaacc1580f5a56f175ac2cad840c220848607aaa007

  • SSDEEP

    6144:kcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1G8evnh:WuaTmkZJ+naie5OTamgEoKxLWVAh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 10efecc98e587ee32622c6b7844e46f2f08d57dc3bf0db523b645f611959ce48
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

