General

  • Target

    381c64992cb2890cc9e64b5e0cb8b2fe_JaffaCakes118

  • Size

    365KB

  • MD5

    381c64992cb2890cc9e64b5e0cb8b2fe

  • SHA1

    09551cb6b896c91a99642cbf34d70ef80c281c92

  • SHA256

    f8c239b9a26bf014b7926d317f6b73d1f3a660623ab7939b35d4d70cba7a24d0

  • SHA512

    831ceff5f6dcaf4b02d7bce1ef63ca78c5580fbbb493683d30b5a3e46e914c53979685d5fc97560122d31435c6e3c676cf61eef90b13240f2e8493dbbe395d19

  • SSDEEP

    6144:FWis702QYFr8NWqMu8wbQzmQ7OiPIF0WZU52N2NV2b7kLt20SEb0Idl:UipQNu8wbQzm+LwFvZv2n2b020Ss06l

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 381c64992cb2890cc9e64b5e0cb8b2fe_JaffaCakes118
    .rar
  • QQ农场宝贝V2.89.exe
    .exe windows:4 windows x86 arch:x86

  • out.upx
    .exe windows:4 windows x86 arch:x86

  • system.ini
  • 新云软件.url
    .url