General

  • Target

    a5391f367b0b4aa3b822de7c55bdeb2f4876df4cba2b3a718c3cf68273b35ac9

  • Size

    92KB

  • MD5

    813874e8444595219cfae82f3a61de65

  • SHA1

    385d5b25ca8a0cde312df93d2cf61cb369f5341e

  • SHA256

    a5391f367b0b4aa3b822de7c55bdeb2f4876df4cba2b3a718c3cf68273b35ac9

  • SHA512

    b15bf917049352e8eafe33295e3bf257206205f2342d0c050d8481a23eb2c94baa43e3c693d2c17263672dbc64c5cb255925940c128c1435ed3644534768ef76

  • SSDEEP

    1536:Q/vTGudTe5k4Lo8KI2Z4yNcR5Mpk7WO9f2zXGYxTIx9JL8IoQ6CqZphk4:Q/bhOrBKIq4XR5Mpp+fw2CIx9JLYpk4

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload 1 IoCs
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX or a modified build of the UPX open-source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • a5391f367b0b4aa3b822de7c55bdeb2f4876df4cba2b3a718c3cf68273b35ac9
    Tags: .exe, windows:4, windows, x86, arch:x86

  • out.upx
    Tags: .exe, windows:4, windows, x86, arch:x86