General

  • Target

    809c36b5ee0329e932c32879ed9140e716dc3ebba03421b33e4705a7f2c66f85

  • Size

    2.5MB

  • MD5

    20e6aa1d44b8d35ccdcd82a6a53f95af

  • SHA1

    46aba1e94cb06c42016a76bb5ec66deebc9797b0

  • SHA256

    809c36b5ee0329e932c32879ed9140e716dc3ebba03421b33e4705a7f2c66f85

  • SHA512

    7580515efaf8a40735616a755f36f9172e0ab06e54f4735ab4a4ac47ca0f39a83e5df82d47f58bd9b940850e8bf959aa83e22e1c8d6709410be553d02bf44abf

  • SSDEEP

    49152:3wQSMKE1rH8NuT0vJuQ8fejwX81EKifbwmrXyhaXg/Inh/wxK70FIBIS3+xY28Yw:3ZSlKrH8gT0vJ38GkXYEKifbwmrXyha/

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 809c36b5ee0329e932c32879ed9140e716dc3ebba03421b33e4705a7f2c66f85
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

