General

  • Target

    dea93a0cf6e55dcfd1a4b9c10324b0b4edea974cc60878296601e6dc9f16c166

  • Size

    31KB

  • MD5

    f86bc4d1c11a104ec3c305ce5ea8278f

  • SHA1

    d9b1a57189493920d4735b4d03dbac475b8c1915

  • SHA256

    dea93a0cf6e55dcfd1a4b9c10324b0b4edea974cc60878296601e6dc9f16c166

  • SHA512

    97b5234052e06b134eaa86ea5e534b1cd16edb69b03bd0909236c87edc044050274102c4165d9c7c6fc591c252bccbb32c251a670b68cb4c03ee0e3d71768c11

  • SSDEEP

    768:hLw6lD/DJe77K0Kq75NXGLKQ7NOB82NxZORYSbAbr9O4:hLwos/SqdtGLKQ70CaxZFSbV4

Score
10/10

Malware Config

Signatures

  • Nefilim family
  • Nefilim ransomware executable 2 IoCs

    File contains patterns typical of Nefilim samples.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • dea93a0cf6e55dcfd1a4b9c10324b0b4edea974cc60878296601e6dc9f16c166
    .zip

    Password: infected

  • 5ab834f599c6ad35fcd0a168d93c52c399c6de7d1c20f33e25cb1fdb25aec9c6
    .exe windows:5 windows x86 arch:x86



  • out.upx
    .exe windows:5 windows x86 arch:x86

