General

  • Target

    2b27957f09942a6836b5a12054fcb4de65b9c78ce37615f784fcf447b646da13.exe.compressed

  • Size

    99KB

  • MD5

    957eb11989899463da9657855f383733

  • SHA1

    d30914dc51e0121c2362d57829502d98d6754159

  • SHA256

    f4704cec2060aa6ee755a6625de2ba155a9571f0b9cfeddee6b18ffb35092880

  • SHA512

    17b267cb4fcb7a34ae43b1280286d70d51a86b35085078be67fb7ec8a6f5c23e34c38fb881539ee94763eef35c4d13a84ea058d12d704af60488a2e8fc3628c0

  • SSDEEP

    1536:SIj4wDWtxg5g1QdDXvJnQIxvsYXtqECG3U51oGE+vdGBYoEVotgSnVmIQ1lRn:fVD/dDBQCkeqSk51oHmGGPzGVm

Score
10/10
upx

Malware Config

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables referencing many IR and analysis tools 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 2b27957f09942a6836b5a12054fcb4de65b9c78ce37615f784fcf447b646da13.exe.compressed
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

