blackmoon_dump[.]exe | Triage

Resubmissions

24-08-2023 22:15

230824-16llashe9w 3

Sharing

General

Target

blackmoon_dump.exe
Size

2.0MB
MD5

61208f137cbb853871f5ce3748a6200a
SHA1

a232adf323e65be99d6a246c529c1de5ab979007
SHA256

06729a86331f37cb44e584e9f01b3327a2e9bbbfa3c24fd6f710e1f4ff823f25
SHA512

9558a27440081d98909bb2e481ad3d2ae00af8f6ae7c4c897d10b8696dea5e7e88763e41243466f050bd5f3e666c14ab45effc72e48277458fc78f48f250dafb
SSDEEP

49152:yNFMxKIBrT0ohsZsbCUvpcGXINzV9P9J:6FghBrT0ohfbClzV9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
blackmoon_dump.exe

Files

blackmoon_dump.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 739KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE