blackmoon | f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc | Triage

Sharing

General

Target

f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc
Size

4.3MB
MD5

8826fc5c2e958c1383f6d95120dce383
SHA1

1d1f2939c911af039448cc4e1c6c93735e6cd257
SHA256

f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc
SHA512

3606f2fc4bb0e8753c2829f0e0c7c4d72a374c082d735ccfee2e700a96974cca731ac35ef447837b33da7be8effd68b8bd779ba6f60aed7b11bae771b50e837a
SSDEEP

98304:anrCk/0EZTpNAOS4pW1dmv7kfPGH4Ap/Do:adsqNAOQ1Av7uGH

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

JAVA
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

JAVA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE