blackmoon | af514275675fd21a76fa9562348b0d50da38c3f3e096024b3183764542b50c36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af514275675fd21a76fa9562348b0d50da38c3f3e096024b3183764542b50c36
Size

80KB
MD5

102607c0b52c766c392e38deb72b4871
SHA1

d4bdcd7cec3b85b98d6a1c4acc7fbdde39aec7cf
SHA256

af514275675fd21a76fa9562348b0d50da38c3f3e096024b3183764542b50c36
SHA512

40ad7410b82676657fcb6fb63fd124d20471d4fcf1f1e07d57e8b0f9976f8127b92a75b214604592d6a25cfa2e1182202fdb8f5e2beab74342aa0c8429772239
SSDEEP

768:0MFz18Cn+Im/aVtQeUMQ9adrKa2Vru5dCnrcqbGfzHWxZ:d/m/2tFUMRdrj2VydCrhSfyxZ

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

af514275675fd21a76fa9562348b0d50da38c3f3e096024b3183764542b50c36
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

�_'0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�_'1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�_'2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE