AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag
General
-
Target
c0cc0ee5e5feb8291978bbcf0494e3e7076108e69b37d721904a711150cbe845
-
Size
431KB
-
MD5
ea523c70dac15d480af6bb95a266f1fb
-
SHA1
e3f792cc047c5294c39ca72e5784e7fafd696ea1
-
SHA256
c0cc0ee5e5feb8291978bbcf0494e3e7076108e69b37d721904a711150cbe845
-
SHA512
4ff251d7d1edd433c83f7c4cc352314c1f57cc70bf89df53d283c7cd226792920997fb7617577c79d708f07dbabb59e0f23d9d6bf1f72df17253ce90923f4993
-
SSDEEP
12288:BajL+BfqlWhVqmhbS975O2ZJIYiR6GhR2gKSQ6rs50N:BanutMmc51J1iHhEz9680N
Score
10/10
Malware Config
Signatures
-
Blackmoon family
-
Detect Blackmoon payload 1 IoCs
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
c0cc0ee5e5feb8291978bbcf0494e3e7076108e69b37d721904a711150cbe845
Headers
Exports
Sections
-
out.upx
Headers
Sections