blackmoon | 5dedf5596e35d5b60a65656470847f0665f71e1929b7aa9e0e9cb42bdc050a72 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5dedf5596e35d5b60a65656470847f0665f71e1929b7aa9e0e9cb42bdc050a72
Size

80KB
MD5

7f3a02ee66d131515e9e5356d2d9996e
SHA1

c50c9a6dd6d71fb8998c1df19238044fcf0ae47a
SHA256

5dedf5596e35d5b60a65656470847f0665f71e1929b7aa9e0e9cb42bdc050a72
SHA512

37fe856fe1f9339eb4f89c28216448382335fcd1b6ed9f67ad7b8a8651aec6dc3f66e80bb84b2ae56d404827d56d1c5679e82a5a34afbee5538d65f1ce167992
SSDEEP

768:jTEB9/qEn5Im/altQlU719adrYa2GtV2FlazrHzqBJ5WxZ:j+Im/WtuU7+drh2W2Fcz7HxZ

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

5dedf5596e35d5b60a65656470847f0665f71e1929b7aa9e0e9cb42bdc050a72
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

&�0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&�1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&�2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE