General

  • Target

    363a874ff177178c253703158028e6952de442771323571f1d988e4bd1fa1685.exe.compressed

  • Size

    99KB

  • MD5

    741b41afcd9bcebd6ef08e3962f60dc1

  • SHA1

    30e943619171e9012b9f2bc6adb6791f6fc47a89

  • SHA256

    949ed8ca787365ecdf448f2d49dd5710ce8318a2a6d1158aa9e8a5310e81bb40

  • SHA512

    e8f7cbb9579561004059e60d397233f7b509b018bb87289f9ce3378105219ef48bab3e976071d90d879bbe531d3b7fa79557e461f7b7f9d05c4bd6031c96a3bc

  • SSDEEP

    1536:9Ij4Lvw4DZkPlzf2eIKIOLLzELlH5YjeV/YsVXTwdXMRl/D2wZi+N9rz+GwEn:kwIGZqlzMg/EJRVQsNL/vZBjTw

Score
10/10
upx

Malware Config

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables referencing many IR and analysis tools 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 363a874ff177178c253703158028e6952de442771323571f1d988e4bd1fa1685.exe.compressed
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

