General

  • Target

    1817941ffb1be2ae140ec03ad4f72ae1

  • Size

    40KB

  • MD5

    1817941ffb1be2ae140ec03ad4f72ae1

  • SHA1

    fcde2c984cc3a5cf6846f914c274526bf90c767d

  • SHA256

    24ef4bffac294cda336afce003a1a922f29b4e094c43758030e3deb4558275b5

  • SHA512

    622c32163b323aaf8b28f5057020d500ead183c4ea39b1261ee424512fa9f43356c1e3c470416683feaf96fd48d3bfc6c4937c562fa0bc122a3c0e47fe98bafb

  • SSDEEP

    768:TXwmYNb1NayGKG0/WaRuAuJorLg13OQZQ7OnvZ52b/bG8okq9Qm73Z7UK:Tgjb1NajyuXp35P34G7kqVZ

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload 1 IoCs
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 1817941ffb1be2ae140ec03ad4f72ae1
    .dll windows:4 windows x86 arch:x86



  • out.upx
    .dll windows:4 windows x86 arch:x86

