General

  • Target

    618a69a2fbb50ad32fa37504fb3bf3c78ebf35dbeab4df1f6c9278eb105717d9.exe.compressed

  • Size

    99KB

  • MD5

    5c90e11df98be1e045b7a2cc6825779d

  • SHA1

    7ba7a42f35dbb4fc0d3f8af29fb31fc8048692e1

  • SHA256

    fc8761e18a9c2e5b91d81b3a44d23bfa56737ea71756b88db6aa4c4eb7d2b4aa

  • SHA512

    83934a5ee18cd6ca62acdecccb12b12f28bb2441553f59c960a07171bff87352f09a34098caf5590decb4d204752f49266c23286d110fe8fec8c09f45c86b812

  • SSDEEP

    1536:4Ij4aaWd0ni8l4ZOtIsdm+s2sQ4yFVP8eflx69g6KWmhPK39Ijs4248YaaFQ2nDM:Nxv8QOrmj211/1flQSvJhST48

Score
10/10
upx

Malware Config

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables referencing many IR and analysis tools 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 618a69a2fbb50ad32fa37504fb3bf3c78ebf35dbeab4df1f6c9278eb105717d9.exe.compressed
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

