General

  • Target

    f896390fe14b2c8d2c3a14d522b9cf1df4eca1896e7150cb1e20026a7c7abffd

  • Size

    15.1MB

  • MD5

    95673428f8802e82c69dbc2d5228ca3c

  • SHA1

    2ced00eeae810deea1a5acf3ef99e3c7b88ed413

  • SHA256

    f896390fe14b2c8d2c3a14d522b9cf1df4eca1896e7150cb1e20026a7c7abffd

  • SHA512

    c41c37205c6070f0108111d503ae509082f54974a62634b0896230d45c10698e25343c0d2ceba99dd2a12d5264f5131e838102e64cc501e2c81244bdf064ae26

  • SSDEEP

    393216:F6tiM4KnpymOcKHya75f5xXJdXbU6ENx5vA3+:cxnrOvSUd5x5OXnv3

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload 1 IoCs
  • CryptOne packer 1 IoCs

    Detects CryptOne packer defined in NCC blogpost.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f896390fe14b2c8d2c3a14d522b9cf1df4eca1896e7150cb1e20026a7c7abffd
    .zip
  • 喜马拉雅音频批量下载器(会员版)2024.09.07.exe
    .exe windows:4 windows x86 arch:x86

    90ff0ea55b269656bb0aa667cb635d81

