blackmoon | dd1a2ae7a0f8c1dfa42a101fc3c8a6f45aa641249aed4e3ad3c587c403a4ee3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd1a2ae7a0f8c1dfa42a101fc3c8a6f45aa641249aed4e3ad3c587c403a4ee3c
Size

80KB
MD5

c7b8752aeb235e3ce78acbdafba9152d
SHA1

a23b1c7a49ee56e49835ee7f71d47235ead4d05c
SHA256

dd1a2ae7a0f8c1dfa42a101fc3c8a6f45aa641249aed4e3ad3c587c403a4ee3c
SHA512

1f6a14c98fc02ea0beec223ddba096e74b8e0ca95354fc7950da80f81a9167b077973d2e153f1afaad174ee301bbc4907f3d6a2b6c06f2541103cdf4649f74f5
SSDEEP

768:lmvT5hPKXIm//39QqUCaNadrxa2TI5ccdmGLkiGoWxZG:6H5m/P9xUCDdrE2T9QZuxZG

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

dd1a2ae7a0f8c1dfa42a101fc3c8a6f45aa641249aed4e3ad3c587c403a4ee3c
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

�R�p0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�R�p1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�R�p2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE