General

  • Target

    c55aff9cf4b150d8a5b126ef80a41ad2c1114c763088f7e16692fe4be80a8c8b.exe.compressed

  • Size

    99KB

  • MD5

    4b014d2f035c40a995a0e46995d846f6

  • SHA1

    c3503cebec6cc8f682f19282a8c96a21d88283e3

  • SHA256

    2e38747b28e6fa5de7299cdc896dbd627cd32eee584822aec4f5c6f04a458994

  • SHA512

    e50b8985a4d93b7d0f43b57e7f974a7b67d74fc6966d5df7a5066e342768e7930b189c38dbbfb79bf72aef012e7d0734a0ec60574e521985fa68d94aa7050580

  • SSDEEP

    3072:kM52dzp69jGVBKVpFm2/Y9OWA8p3LXnYIa+lz4x8:ag9jG4j9vWA8xLXHbz

Score
10/10
upx

Malware Config

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables referencing many IR and analysis tools 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • c55aff9cf4b150d8a5b126ef80a41ad2c1114c763088f7e16692fe4be80a8c8b.exe.compressed
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

