General

  • Target

    156ca7a02da946cac478d18b1b9093a22eb7bdb193aa5de58a5ee882deb06826

  • Size

    707KB

  • MD5

    e2ec099052b7d96161341f3da7834532

  • SHA1

    598d1af31a6786327edf17c93a67efe4d2d736c0

  • SHA256

    156ca7a02da946cac478d18b1b9093a22eb7bdb193aa5de58a5ee882deb06826

  • SHA512

    0da5ddbb9066781210719863bc5f87f49c26136ea793635034b1526bc09070d46544bb2335ff0bb1556be989fbf6ba268ee36ffa6ce5e5ac2a75e964906a660c

  • SSDEEP

    6144:kcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1C8Kvnh:WuaTmkZJ+naie5OTamgEoKxLWBEh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 156ca7a02da946cac478d18b1b9093a22eb7bdb193aa5de58a5ee882deb06826
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

