blackmoon[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

blackmoon.bin
Size

740KB
MD5

40bf95afeaaaba84375bb48c0d93983b
SHA1

11246a541634be5647ff82ce27a36a3e6141c031
SHA256

7bb1e2810d3f756a3c8d754380312f01d8b7dd66703d139a468927312bb7f2e4
SHA512

bc45133b6922241fb5481838ff9af0f5382a5b01388319d34e251148678f6ad172e3dab03cd720f38bf8f0152bfddc678f53a33bb0ca6f6ecc5e24ece53fd8bf
SSDEEP

12288:vvpcGX78r1zscJTTNuUxqoNNqqBT9PwXq7KhKtO+gFT1:vvpcGXIKcVIoNN3V9PwC7U+g3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
blackmoon.bin

Files

blackmoon.bin
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 739KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE