General

  • Target

    8b1294fed0d0b6148d5a387ec4521e5e9a1f40afc312cdfa1cfbe29144ba861a.exe.compressed

  • Size

    160KB

  • MD5

    665bf8ae4a3d1a81c9881f49c4e93abd

  • SHA1

    f5674c8068d4f4385064e4126e668ce02fd9a025

  • SHA256

    dd6ab5c1becfef185c43c9f12590d9da4983be2a1223e94ebc2ce847d2f8a1f4

  • SHA512

    ef383352021e39b7039a02fc43f048c9a01d7c92f7d8b88bf0e14373cecb3ff0d3be09b99d0e8f25c1453a69009b1a2f7d8f04db54925fef67cc62a1511c553e

  • SSDEEP

    3072:nFB3O3IRORghwODMJlz1dxoOXwupfcbYa7K7/lx50s8dovwskBoqSI4SidE:FBZcIDqvysbpfcEaYy+wt2K

Score
10/10
upx

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • UPX dump on OEP (original entry point) (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 8b1294fed0d0b6148d5a387ec4521e5e9a1f40afc312cdfa1cfbe29144ba861a.exe.compressed
    .exe windows:5 windows x86 arch:x86


  • out.upx
    .exe windows:5 windows x86 arch:x86

