blackmoon | adf6cc3c7f62536253c526d0ff5e2974353651b625978860e0a73d2d47108540 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adf6cc3c7f62536253c526d0ff5e2974353651b625978860e0a73d2d47108540
Size

80KB
MD5

f292579d0718dc9c8266610eb7969343
SHA1

4c481c18d9eb2c98f67b105dcb6f1c9365f8ccb4
SHA256

adf6cc3c7f62536253c526d0ff5e2974353651b625978860e0a73d2d47108540
SHA512

cc5c269cf97d48e3bd8418c9a06969ae38108ca672c12fbe4cdc3379e92b24548b21a0e7a0e29031d4be54195fc439027c5aa6d973080c912b10733019d2c423
SSDEEP

768:9doF/PjJaIm//39QqUHBNadrka2edb9HmZELLsdbIWRWeFWxZ:6Dm/P9xUH6drt2edb9G4iSxZ

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

adf6cc3c7f62536253c526d0ff5e2974353651b625978860e0a73d2d47108540
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

�]�0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�]�1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�]�2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE