blackmoon | d0e24c9cb86429855174323d672a44cbe061ec8fdc2493c5987d0f579dd505e9 | Triage

Sharing

General

Target

d0e24c9cb86429855174323d672a44cbe061ec8fdc2493c5987d0f579dd505e9
Size

813KB
MD5

f1dad1a1434343d839712c1446f87947
SHA1

b3bd3b63d510c751d9c2fa0e6041e420a8feb3a4
SHA256

d0e24c9cb86429855174323d672a44cbe061ec8fdc2493c5987d0f579dd505e9
SHA512

c359a0bae0be063b4d9532dac1377371985c7a4c107e4938176aa755e0234e25703e5760dd76b2497e6a1b15537be29fa49004277331fb22dbf60a711f71f745
SSDEEP

24576:ZJCZdiRk1GedjPnt1QjBmX76y0GCp6xulHx:Zod/vLnuAhzC2m

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

d0e24c9cb86429855174323d672a44cbe061ec8fdc2493c5987d0f579dd505e9
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wtq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE