blackmoon | 9b3963208b6558b3b13c38d3b40958200b5d0b9404758cbe142a36d9df875511 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b3963208b6558b3b13c38d3b40958200b5d0b9404758cbe142a36d9df875511
Size

80KB
MD5

f8113375dcce91dfe94884768690b795
SHA1

e4eef52fc36dd2ef3696cc6c6d7da2dd654c5973
SHA256

9b3963208b6558b3b13c38d3b40958200b5d0b9404758cbe142a36d9df875511
SHA512

b85f8acc0839791e2af346d1e93274842da80ecbd8930489445793aa2926aa67877868df647ed4893bf74f0b48cc8dafc61f3561f87b240e2230b7c06687c57a
SSDEEP

768:kMFz18Cn+Im/aVtQeUMQ9adrra2Vru5dCnrcqbGfzHWxZ:t/m/2tFUMRdr+2VydCrhSfyxZ

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

9b3963208b6558b3b13c38d3b40958200b5d0b9404758cbe142a36d9df875511
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

�`C0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�`C1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�`C2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE