Overview

overview

10

Static

static

10

0ebfef7d60...7b.exe

windows7-x64

10

0ebfef7d60...7b.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0ebfef7d6059b82e87e05a54e80e5a7b.virus

  • Size

    2.6MB

  • MD5

    0ebfef7d6059b82e87e05a54e80e5a7b

  • SHA1

    3c1ab9c072625b9e08b72013967b04bd2e0cb69e

  • SHA256

    4695fbf41abd54d1449d8da4a5976d50aec0499e3e2959e20686237d32db3114

  • SHA512

    a695816e77c3d569ba861fab022035910858cf2db0e15dd2a58398c6f39394add35172ca209de1d0d02019f5f0a4f35beb8e3ea56c4e0c37cb645379d1d9e5c9

  • SSDEEP

    24576:3bsATQUIP6braCWyv6BpHv+LOez9OulOcsV9DK2J2aBcpsam5RvikgJkf:3vbDCv+HOulOcQMYYsP5RviP6

Score
10/10
blackmoongh0stratmimikatz

Malware Config

Signatures

  • Blackmoon family
    blackmoon
  • Detect Blackmoon payload 1 IoCs
  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • Mimikatz family
    mimikatz
  • mimikatz is an open source tool to dump credentials on Windows 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0ebfef7d6059b82e87e05a54e80e5a7b.virus
    .exe windows:4 windows x86 arch:x86

    51d221b5a5480b851c728b6c40a01d6b


    Headers

    Imports

    Sections