General

  • Target

    6399819a1c9b91bf91cf051c3b48feefbec7be70d850d3895ec38ae9e018293e.exe.compressed

  • Size

    99KB

  • MD5

    945584541cc4c557c16de155fe9b7035

  • SHA1

    602eabbe5a09d3bbbf197db1712b6ce24324eb66

  • SHA256

    fea578d8fb6719ec3d00e6df10ce1185e9376c88677cfebcbf8b4fe6fa6a34d1

  • SHA512

    cc5e59647d37e9b9b7671b32bf48e56fdea07e63e13b789c987ffe23f6729ac9f467ae97c4148977471240156478bf254e5bc11296a50e70a94666227ae3a6e3

  • SSDEEP

    1536:IIj4y80wVb5ubKDQ2IrF9eVpAkf5FXsQ8WxBU5t8q/ZXvNQjmDgODfHrn+rcn:d980aWrF9er5FXsPWxctrlhDXzHr+

Score
10/10
upx

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables referencing many IR and analysis tools 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 6399819a1c9b91bf91cf051c3b48feefbec7be70d850d3895ec38ae9e018293e.exe.compressed
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

