blackmoon | b2c59848555450b40e7f7aaa8cfaf7fefefd6bdd089ffb0c8f9034caa0d3e7ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2c59848555450b40e7f7aaa8cfaf7fefefd6bdd089ffb0c8f9034caa0d3e7ba
Size

80KB
MD5

4fea04845c1b858063767248ebe5f856
SHA1

974f9c24117d41dc27b7f06d5f2bd3e96a64de3d
SHA256

b2c59848555450b40e7f7aaa8cfaf7fefefd6bdd089ffb0c8f9034caa0d3e7ba
SHA512

4c6dfe4c5c71295efe78bae9a05f23e4aedf60c5766b6cf7b54e0bac8cd1ad78d30175e4386e46467a066329793c84a378c738ec2fd7d408f4bdac1cc89a9332
SSDEEP

768:1doF/PjJaIm//39QqUHBNadrwa2edb9HmZELLsdbIWRWeFWxZ:yDm/P9xUH6dr52edb9G4iSxZ

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

b2c59848555450b40e7f7aaa8cfaf7fefefd6bdd089ffb0c8f9034caa0d3e7ba
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

:4�n0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

:4�n1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

:4�n2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE