General
-
Target
6e01f2b48cf4cb48038a053bbb4640c81197652f923ead3b0ae56257b07a777e
-
Size
430KB
-
Sample
241229-mrd11szkcs
-
MD5
ca9a5392b0660815f6fa7a76a3f41292
-
SHA1
fe64b8d27abbab65190010444b8d6f7c2edc3d32
-
SHA256
6e01f2b48cf4cb48038a053bbb4640c81197652f923ead3b0ae56257b07a777e
-
SHA512
08e68c77e8d793b39bec0e1d62ba414d24e7cac8a348be21053cdb632b4aea5b0d662f7337231350318ea049723f8e39dd8c8b9fe44912d3c194a3b695f5fee5
-
SSDEEP
12288:q9j8pWxJdNxnSJwu416c9y0wiL7s1T37AVu68VnogfN7oSa:q9I+dGwu13UVb+n3fNU
Malware Config
Targets
-
-
Target
6e01f2b48cf4cb48038a053bbb4640c81197652f923ead3b0ae56257b07a777e
-
Size
430KB
-
MD5
ca9a5392b0660815f6fa7a76a3f41292
-
SHA1
fe64b8d27abbab65190010444b8d6f7c2edc3d32
-
SHA256
6e01f2b48cf4cb48038a053bbb4640c81197652f923ead3b0ae56257b07a777e
-
SHA512
08e68c77e8d793b39bec0e1d62ba414d24e7cac8a348be21053cdb632b4aea5b0d662f7337231350318ea049723f8e39dd8c8b9fe44912d3c194a3b695f5fee5
-
SSDEEP
12288:q9j8pWxJdNxnSJwu416c9y0wiL7s1T37AVu68VnogfN7oSa:q9I+dGwu13UVb+n3fNU
Score10/10-
Blackmoon family
-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload
-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Purplefox family
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-