Overview

overview

10

Static

static

10

8ce6994ac1...54.exe

windows7-x64

10

8ce6994ac1...54.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    8ce6994ac1c5c8063c740b84cf8aef392a0664db3ab6a57df2ae5c3d49fb0254

  • Size

    5.4MB

  • MD5

    4b554bb7db62440527669297af3e0e77

  • SHA1

    f264d421f0cfee7aaf1e940e7610db18c1b89098

  • SHA256

    8ce6994ac1c5c8063c740b84cf8aef392a0664db3ab6a57df2ae5c3d49fb0254

  • SHA512

    a7119fe9416377dbbbd811bbf3c9df4f7fed0e278de781b09c6ed9ac793024ee623498f38c92e3a9d3075973cab8cc0bef426ce3ee054d35e93bbac203aef85c

  • SSDEEP

    98304:VowPxzjnSUGPSbc6UomYXFh2n4mnSwyLYy8jkpUDdhh9Sv:z7SUG6c2mnGLon98

Score
10/10
vmprotectblackmoon

Malware Config

Signatures

  • Blackmoon family
    blackmoon
  • Detect Blackmoon payload 1 IoCs
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 8ce6994ac1c5c8063c740b84cf8aef392a0664db3ab6a57df2ae5c3d49fb0254
    .exe windows:5 windows x86

    76992af32cc542c5ef2010eeae41bdaf


    Headers

    Imports

    Sections