blackmoon | 464d02e26b94314de8507dd6210f50d79f8fe1955ec3bfb709a7a85e774e3826 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

464d02e26b94314de8507dd6210f50d79f8fe1955ec3bfb709a7a85e774e3826
Size

4.6MB
MD5

0a8fbcf05eec0968cb0be7959d9689ae
SHA1

156c413212c013d8daed207522771d52d072f310
SHA256

464d02e26b94314de8507dd6210f50d79f8fe1955ec3bfb709a7a85e774e3826
SHA512

f69a120c6cce51264ed62d8eac0b913b0ee8c4fe4a1017a3b555a05fec7898c7944956d7b60b196551beef25fbf58a329034488aca4fe72d9946e3fbc8c528c3
SSDEEP

49152:1JXGaWXfYkLnHvoIJq3M+fyCaFho3e3jFR0dS0ukX:jnWpgeqcAGFhmsb0d7u+

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

464d02e26b94314de8507dd6210f50d79f8fe1955ec3bfb709a7a85e774e3826
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vsp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE