AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag
General
-
Target
3641ef075a9694cfc4158224e5bfd7eda3202766c93a682bc6a4e559e3a3f403
-
Size
431KB
-
MD5
c2545a3ac05d73eb9b8fe79a2693cdd4
-
SHA1
7d03104d0112006d94578b35e4c323632ad3ff67
-
SHA256
3641ef075a9694cfc4158224e5bfd7eda3202766c93a682bc6a4e559e3a3f403
-
SHA512
d208e06258942e9571d8730f249e878ab05ed7641207d9e69a16b3929157a9214fdf4fea1765701027bec95e54c951f6d6a8503794571e8481ea1d48086c09d5
-
SSDEEP
12288:IXi0ig1VCpPgYO+TqxeqFcOH72olHki91:IXivg1VCpZOCqxkOH7TBj
Score
10/10
Malware Config
Signatures
-
Blackmoon family
-
Detect Blackmoon payload 1 IoCs
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
3641ef075a9694cfc4158224e5bfd7eda3202766c93a682bc6a4e559e3a3f403
Headers
Exports
Sections
-
out.upx
Headers
Sections