General

  • Target

    1b8c39b36563509880f0b94400cd44b3a23841beec5505724dc62a5c2542edf8

  • Size

    437KB

  • MD5

    7e89627c66883942fbf4dfed1a938974

  • SHA1

    3311a75557736e5bbf5b7e7edd7512f582f1701f

  • SHA256

    1b8c39b36563509880f0b94400cd44b3a23841beec5505724dc62a5c2542edf8

  • SHA512

    c6b01cecc13c7df671f622acea738574ae7b319223d4d91bd7a03d67e114db4c89cfe150fedae79e63b71aa3a1d7778a9322b134bee6127f0c49601315a7796e

  • SSDEEP

    6144:5fweR7gpANB0sv2YYuwfDoOPV1x0GwYpk09RhyQ3Zm3:J1R7gpAwsuvDNP/xyqk09TyCc3

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • UPX dump on OEP (original entry point) (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1b8c39b36563509880f0b94400cd44b3a23841beec5505724dc62a5c2542edf8
    .exe windows:4 windows x86 arch:x86

