General

  • Target

    13ff4b54784081a4185a7d1fe68d4940f098995089d2e7bcab6db2c8274f543a

  • Size

    9.1MB

  • MD5

    21e5abb93c44461f5a34c20fac25728e

  • SHA1

    92c187686b7029ea5382ad12fd245d79ef536b7e

  • SHA256

    13ff4b54784081a4185a7d1fe68d4940f098995089d2e7bcab6db2c8274f543a

  • SHA512

    b9ab5f26b7558a8ccb46f8f098a61760d1c96c6275bf7bcbd3e54d707f0c06e47cd304ed4bf2c8e16c3234cc40fbc69e01b8cb07095036ddb5f64ccc3cbf4f89

  • SSDEEP

    196608:5XlNay8qKjERSLE5jRBpc1AQU4zbyWwHoyV576fN7qAouU32AmMQzG6Sr5aJskNg:N3MEs6zpq/3mV57IN7CuzHs5aJsgen

Score
10/10

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 13ff4b54784081a4185a7d1fe68d4940f098995089d2e7bcab6db2c8274f543a
    .exe windows:4 windows x86 arch:x86

  • out.upx
    .exe windows:4 windows x86 arch:x86