General

  • Target

    440d0f05692d620fab1ca3e6c78712b5.bin

  • Size

    138KB

  • MD5

    258c2ee65471ef15bb65c4da1afa5733

  • SHA1

    a80d57053df1a7599f7ace96728d9a8de2498389

  • SHA256

    8eae082644a99c6c82fcacbeafe57beb0bdbb5803f8da8b6bf7e881072b886b8

  • SHA512

    16a917464fa2080485dd184651b2db31582c1f87e47e6c535469706f7aade6afade18d359352705ce69e1c27b55e3900dc49ff2f99d48554d02433c66f86b52e

  • SSDEEP

    3072:UNe4S4PVlDzgn2w3xlox2+4izk8ZxHX8peolPn7ZwKtOdmHF1pD:UA4S4PVlDzzw3xaXHhx3ylPGKx1pD

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 440d0f05692d620fab1ca3e6c78712b5.bin
    .zip

    Password: infected

  • 873bc859b38d26cca01c389d96ac05dbad12c24d0225dfb5e8b8ce584c943a81.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    da4a387004bf1285d93edaa4d5233098

