blackmoon | f5e1104a710e3c09efee1b6f17206766cdd28e013182dc0b351822af660f179f

Sharing

Copy URL Twitter E-mail

General

Target

f5e1104a710e3c09efee1b6f17206766cdd28e013182dc0b351822af660f179f
Size

264KB
MD5

1ceff48eec3e7f013ffd398fe12288cd
SHA1

ed370534a5b8531763dbaa0fd062630b3fe31122
SHA256

f5e1104a710e3c09efee1b6f17206766cdd28e013182dc0b351822af660f179f
SHA512

cffd73af972b8c08103cc11b299c88c9b3091428e4fdf42eb38a1eaa81af50ae6b3eb37c8569dd37478a90c2666bef4c2ca9c4a7d13d246f77e214b6da6cf84d
SSDEEP

3072:/fjvT1HmNG4yzw0adn7FIStEY+S+FJ55xC27Eo+:/7xmNG4R0w4S+R/Yo+

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

f5e1104a710e3c09efee1b6f17206766cdd28e013182dc0b351822af660f179f
.exe windows x86

04130bf40fb45c523bd2ff253f4a4353

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuInfo
GetMenuState
GetMenuCheckMarkDimensions
GetMenuItemRect
GetMenuItemInfoA
GetMenuStringA
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
CheckMenuItem
GetSubMenu
SetMenuInfo
InsertMenuA
GetMenuItemCount
AppendMenuA
DestroyMenu
CreatePopupMenu
CreateMenu
ReleaseDC
GetDC
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItemTextA
SetMenuItemInfoA
PeekMessageA
SetMenuDefaultItem
wsprintfA
GetMenuItemID
SetMenuItemBitmaps
SetDlgItemInt
GetDlgItemInt
DialogBoxParamA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
CreateDialogParamA
RegisterWindowMessageA
DrawMenuBar
SetMenu
CallWindowProcA
SetTimer
KillTimer
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
RegisterClassExA
LoadCursorA
LoadIconA
GetSysColor
RemovePropA
GetPropA
SetPropA
MessageBoxA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
EnableWindow
IsWindowEnabled
ShowWindow
IsWindowVisible
SetParent
PostMessageA
SetWindowPos
MoveWindow
ScreenToClient
GetWindowRect
UpdateWindow
ValidateRect
InvalidateRect
GetFocus
SetFocus
IsWindow
GetDlgItem
DefWindowProcA
GetWindowLongA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
UnhookWindowsHookEx
SetCursor
PostQuitMessage
UnregisterClassA
DestroyIcon
DestroyWindow
EndDialog
EndPaint
FillRect
GetClientRect
BeginPaint
DestroyAcceleratorTable
GetAsyncKeyState
GetParent
ClientToScreen
SendMessageA
DefFrameProcA
SetWindowLongA

kernel32

GetStringTypeW
GetStringTypeA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
RaiseException
VirtualAlloc
LCMapStringW
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
RtlUnwind
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
InterlockedIncrement
InterlockedDecrement
GetVersion
GetStartupInfoA
SetStdHandle
FlushFileBuffers
HeapDestroy
CreateThread
LCMapStringA
GetModuleFileNameA
GetCommandLineA
SetFilePointer
WriteFile
GetFileSize
ReadFile
GetTickCount
CreateFileA
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
MulDiv
GetCurrentThreadId
RtlZeroMemory
LocalSize
ReadProcessMemory
GetCurrentProcess
RtlMoveMemory
GetModuleHandleA
CloseHandle
RtlFillMemory
lstrcpynA

shell32

DragFinish
DragQueryFile
DragAcceptFiles
Shell_NotifyIconA

oleaut32

SysAllocStringByteLen

gdi32

SetTextColor
GetStockObject
SetBkColor
DeleteObject
CreateSolidBrush
CreatePatternBrush
GetDeviceCaps
CreateFontA
GetObjectA
SetBkMode

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04130bf40fb45c523bd2ff253f4a4353

Headers

File Characteristics

Imports

user32

kernel32

shell32

oleaut32

gdi32

comdlg32

Sections

.text Size: 220KB - Virtual size: 220KB

.sedata Size: 40KB - Virtual size: 40KB

.text
Size: 220KB - Virtual size: 220KB

.sedata
Size: 40KB - Virtual size: 40KB