blackmoon | c73f4cddc429fd0b66965d12bb4abe125bee885bbf750856bede5bf9e5026922 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c73f4cddc429fd0b66965d12bb4abe125bee885bbf750856bede5bf9e5026922
Size

1.3MB
MD5

02df52c5cd95515c54ba52ac2e0f7782
SHA1

6e3feab2932eb2b8469816c19c1c3bf6b22e6cd8
SHA256

c73f4cddc429fd0b66965d12bb4abe125bee885bbf750856bede5bf9e5026922
SHA512

86a4efa231d972e30b146d8d8f2547049fe3cb121ff46d91639ee9b7ccd6b11972f7ba00d97cf3b08e040f5856066fba5ebf7ffe3a4a3e31064dea210fff93c0
SSDEEP

24576:HZKvTN13hDo+0YGsVbm6vqfdn6DtgOZWX9/0bcSf28sJSJrSP+:HZKbj370NAbm6BgOUXGbcSf28sEh

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

c73f4cddc429fd0b66965d12bb4abe125bee885bbf750856bede5bf9e5026922
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

1~~0
Size: 936KB - Virtual size: 936KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1~~1
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1~~2
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE