blackmoon | 920c59975c6a35afdeec963d732d498953e82c9a37df281d82e6ac54332e7d82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

920c59975c6a35afdeec963d732d498953e82c9a37df281d82e6ac54332e7d82
Size

80KB
MD5

3a53608639bab7660b1a3104b575e090
SHA1

a604454f5d72b8ed34940339017538a4e339f424
SHA256

920c59975c6a35afdeec963d732d498953e82c9a37df281d82e6ac54332e7d82
SHA512

a4ca25f3d4535915d331d28e75a5eeef24f6148cc1461c46e8d754cb06e982d2a5837fe9529516384d7a40ee2f6392134d04886d054a6720909722c07aa2eeab
SSDEEP

768:IcxX8etsIm//39QqU8QNadrRa2wWyPU2a/ZbRBsAVqsbX6WxZ:TTm/P9xU8Bdrk2wXPk/ZNBsAVqmXfxZ

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

920c59975c6a35afdeec963d732d498953e82c9a37df281d82e6ac54332e7d82
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

(h�E0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

(h�E1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

(h�E2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE