blackmoon | 8f6c34fd22d605a2eecf9d454a2f65701549aaed1460e126132e08aa9bdc87ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f6c34fd22d605a2eecf9d454a2f65701549aaed1460e126132e08aa9bdc87ae
Size

196KB
MD5

0f58fc83c9c3872a7a58f2d3adcdb7bc
SHA1

354b0f0570291c740a34386ec5be7209ddc7f1d5
SHA256

8f6c34fd22d605a2eecf9d454a2f65701549aaed1460e126132e08aa9bdc87ae
SHA512

09e4e4ec288da8dae738922c73d79b2ae0db696a753027734836155755bb2bfe1797bb02ec2ce8aec43973c00d6bbd5347c0e581ef2888cbd3e547cf7895f9ff
SSDEEP

3072:SRUo8d1xLvtlZmt1t2BJqGy5PQ6qfFmbIYYY0YbWfnnc6:SRp8bnlZdBJ0qoLWfc6

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

8f6c34fd22d605a2eecf9d454a2f65701549aaed1460e126132e08aa9bdc87ae
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.lcc0
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lcc1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lcc2
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE