blackmoon | 62f01e4942678fd6c05b81e7373ae4c1ef105f5fd15b7fab81542628fbf68d69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62f01e4942678fd6c05b81e7373ae4c1ef105f5fd15b7fab81542628fbf68d69
Size

80KB
MD5

f8badc634f891081abc0b1f9665ad390
SHA1

35b129ef78e3858a6170cc76e9eae402a20f9486
SHA256

62f01e4942678fd6c05b81e7373ae4c1ef105f5fd15b7fab81542628fbf68d69
SHA512

e90b647f7ba5aaab6ddcbc54ee1731778571a23df69097ac5979333831b286f85bf8a8395e45ff5a931cd2bf5e16a12a7acdfcc1e526d5489583a241c3c668e5
SSDEEP

768:gcxX8etsIm//39QqU8QNadrna2wWyPU2a/ZbRBsAVqsbX6WxZ:rTm/P9xU8Bdra2wXPk/ZNBsAVqmXfxZ

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Files

62f01e4942678fd6c05b81e7373ae4c1ef105f5fd15b7fab81542628fbf68d69
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

run

Sections

�V0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�V1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�V2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE