General
-
Target
3aaaf2e6d3f3607c32f96c9e72993f04_JC.exe
-
Size
4.7MB
-
MD5
3aaaf2e6d3f3607c32f96c9e72993f04
-
SHA1
6b2ce0ec9446d7bce02c591ff490332cd0c77193
-
SHA256
6d5479adcfa4c31ad565ab40d2ea8651bed6bd68073c77636d1fe86d55d90c8d
-
SHA512
f8da05cec8eabe85ceb1ea7621009b5da6752fa7364f299e05bfe425cfd3639b7d20e4666d336579fabc5ecf2886f9eaf2479a7bd0e190b2a5c3e8dbd633398a
-
SSDEEP
98304:4Xl2HNWwT+ZzNoa/AaJjCE4Sots8/DzYJ971NRQMSIz/Lge5Q7da+pwY2mmXtUgs:4oH0WMhJWd+8/iR1NKM5rQ7PwY2mmXtU
Score
10/10
Malware Config
Signatures
-
Blackmoon family
-
Detect Blackmoon payload 1 IoCs
-
Mimikatz family
-
mimikatz is an open source tool to dump credentials on Windows 1 IoCs
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 1 IoCs
Files
-
3aaaf2e6d3f3607c32f96c9e72993f04_JC.exe
Headers
Sections
-
out.upx
Headers
Sections