General

  • Target

    exe1.bin.bak.exe

  • Size

    162KB

  • MD5

    ce1d781ff2e37b62bc314b53c6dae49d

  • SHA1

    9927eafa1c92788774c3653ded4eba03e6b5d96a

  • SHA256

    9591e4d1090bc5caa1d1db4ebf929d9113fd36e0521d316762f5cff275b4c733

  • SHA512

    5fc2faacc8db2c88c0f46634a7a09c8fdc3f1efc4ccf98b10eca3e02147a8c91653a5a27644f5c7e4ec82fc8d3d8f281b2a4c9a075d07588b87684bcab81a672

  • SSDEEP

    3072:tFkGbeuz0DsP2YaD+mNZN8Gb/riKvG+cG3DR7pJ3rbeM5p:wEeJs7aKmNZNbriKvG+c2tlJbbbj

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • Gh0st RAT payload (1 IoC)
  • Gh0strat family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • exe1.bin.bak.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

