General

  • Target

    a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda

  • Size

    146KB

  • MD5

    0558b31bd9e3e8233ca74837754882d7

  • SHA1

    a4bcad094372c9348bce850034a028460d19b0a6

  • SHA256

    a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda

  • SHA512

    4e8cb6bcd0b74b5508ee211fb2d7796fc5177d3b10fdc3283614ae872bd4cfa32d80648e35c79b2b2b3fa867eadcce4e706301f6e716e46fddefca08eeb1fb04

  • SSDEEP

    3072:GB1Q3LeTWmL359vd0OmS7ok57ORL2G4kOqOcPxab/gp2pFuuxE6l/:E1WeTWmLp9vd0Om6B57ORaG4Rqh51p2q

Score
10/10

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • Gh0st RAT payload (1 IoC)
  • Gh0strat family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda
    .exe windows x86


  • out.upx
    .exe windows x86

