blackmoon | 8272912ee1bf16a05192042253c37356e5944c0e26795772a14c606565ca58b6

Sharing

Copy URL

Twitter E-mail

General

Target

13c6557d63aa06db7cedebfbc5f0ff6c
Size

1.3MB
Sample

231225-k194psfbcr
MD5

13c6557d63aa06db7cedebfbc5f0ff6c
SHA1

92f976c1f4c57a808df09fb23380ce34360c0a5b
SHA256

8272912ee1bf16a05192042253c37356e5944c0e26795772a14c606565ca58b6
SHA512

73501bdb060f9cb7a0f5850f447ab3518d25656bf46a44c44dd90a10afb9a5086e3b577ce62b1988f1cd429dcf89b8ca2d6ca2f282c08fc8e973d2ede91b91ec
SSDEEP

24576:l0bHrWjb1l8bpkudlSwsd/Ygky5+jexfsaO+lcpQZpMfWfQoyE8uj3gBH4m8b:2LWvvepHbQ+jZyF6WfQJu8Bz8b

Score

10^/10

blackmoon upx

Malware Config

Targets

- Target
  
  YY5331过非法VE/DAHook.dll
- Size
  
  545KB
- MD5
  
  b5507db70f7d8b5f132e096176fa6619
- SHA1
  
  825b044b255d22daaaff5a19ceb7df49b2037f2e
- SHA256
  
  0a125b856b1c850e60a7ca98700205b5beb2bade887bf27ba43664d8f90dbcd8
- SHA512
  
  6445fe09d6d491f916d2b52c395edc89d67de42bc21cea8bcb538681c51a59fa4f8bbac3e00b8663dbc6043f7dfe0d06277d8f5a14685906a70db157de7b74e6
- SSDEEP
  
  12288:P98NrWTrzHhmw+l2dwiAcp3vgHmThT6YsFi9OT:P2qTxmw+IdhAchgHma9
Score

1^/10
behavioral1 behavioral2
- Target
  
  YY5331过非法VE/SysCallRetriever.exe
- Size
  
  608KB
- MD5
  
  97ec7e5901bd8d21dfcaf46f901a64e7
- SHA1
  
  154dd0688258a60159d78f35f90db511280b261d
- SHA256
  
  3b85cc71553647ad2ff61b58c1addea4027fa6dce87a5d3fa27f7d53dbdc06f0
- SHA512
  
  11380bb27e829c120324a4eb0c3d963dde73d484f2e638ddefe8427e07aa15dc5e404984a8159d6782f992d2f2135a5a6a59f3ffc867787e92d21d30c890f320
- SSDEEP
  
  12288:EQzf9fPaXlvtaeqT68wcVsDH1VmgyJXxbjG9G99GGG:tF6XpYeqT68wcVM1Agy
Score

1^/10
behavioral3 behavioral4
- Target
  
  YY5331过非法VE/SysCallSignal.exe
- Size
  
  19KB
- MD5
  
  6b245c322151dc4031afd186f6878019
- SHA1
  
  464257e563c16ee813644bc77828c20d9a4f20df
- SHA256
  
  86fd220ef8e935bf0d58a21b3e6088e27f3ae13b9a72420ed73d2d9e8ee7a914
- SHA512
  
  6f00b8754f59a13dae76a493fd11a0ae53e6d7e60985740ed05e75f213df4d413301b7053adc5d2d64e22a40bb97a86d8167660e8c709a49516b0abf2ed08249
- SSDEEP
  
  384:k0ILrmjPOpA8Z/ij7m+1Is9QCJI2o/I7SsuM2qxJpucCj+zgFJS:HIPppFZ/ija+1IGZ4A7SObxJpunjugFJ
Score

1^/10
behavioral5 behavioral6
- Target
  
  YY5331过非法VE/Vzla Engine.exe
- Size
  
  2.3MB
- MD5
  
  e9b474c85cf7783fbd41e8411844cac5
- SHA1
  
  1af729aa53eed933fecc77ee5633ff4aae61371b
- SHA256
  
  f1dbbe9ba61a7e03dcb263b3444a3ccaeabe165cda937864772ecd1e8c5771b7
- SHA512
  
  4dc75d9e10551cf801cdae469bf5f42cd1907cfe43a993695d35456d564a9c7ae138df284445987ac4de237925fcad8fdcdf8c52cddbcd182e72a11b7a2aceb8
- SSDEEP
  
  24576:UVXRfLOKgZDB21NmRPqx+1Ceg0bedstbvCz0qcWyth+Ybx12raCTb7Yt8NFmQaak:UVXmuHsg0bnU4krawb7Yt8NFmQJAa
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  YY5331过非法VE/dak31.dll
- Size
  
  232KB
- MD5
  
  23aa676c5b6f91bfffa41cdd28f1afd1
- SHA1
  
  ad10842b3f6211b50416c3568b40c2400dbb94e0
- SHA256
  
  dc639cf3f8ad5a6875053f3719a88a9f50a18e92a9d3668cd5d8eecd094558ba
- SHA512
  
  b9e47522d43ff57b72216ae93c9ea1f53d572d1ee6e28457d8439daf5048024ffd091a38df2fa8ca9869f949efb8c23427d33f0dfc24003a971a4050a77fcfb3
- SSDEEP
  
  3072:H12+JqqGu1Bl0t05Np2dlUX0+Cx17F8QRJZKmOK3outKF/Z/A3fe0dSSxmG:HbJq/cBdFwT7SMJMzUoSS/Zsdfx
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  YY5331过非法VE/dak32.dll
- Size
  
  106KB
- MD5
  
  0463cef2cd6017443a1773752323c79d
- SHA1
  
  40699ecda75219ced7f4a23af2399e738b9d1a25
- SHA256
  
  b2a043e5ae68c58f6f281485869b87270377ed89e8937a5da669f8c107c278be
- SHA512
  
  1a83dbf7732f8f8ee4daa5ea4511844a03c99fd1e11bca0ffff284995458554de4612579cb42683bf02af619de3e47091108fcaab69d3f6997819f0ca35fe4b2
- SSDEEP
  
  1536:7BQgyJrXNuMPB5JSxCAG6S0Hg3fQ9WTsKrfkvDiP9an/mtZnI:lQgyJrXNumLAVS0A3o9WTsAfkvUDnI
Score

1^/10
behavioral11 behavioral12
- Target
  
  YY5331过非法VE/dak32.sys
- Size
  
  29KB
- MD5
  
  014f006b9fb6a87669caf46f80fc6b3f
- SHA1
  
  fef8ff2a1f6f68784f1476417ba603a219a087de
- SHA256
  
  451c31a1dba16cc7a6045fa7d28f2e573457220af6af586cf071bb64243bd82b
- SHA512
  
  008a4e1c84024c21483bbb5dcb4cddec26a60c84bce947678ecd97e57c12fe1657ed53f94c29b95ad5ccf1c8ae9830d7a5e1cce89e47171a63515d279a48bfbe
- SSDEEP
  
  384:xtdam6NuIKdzpywS+2GzjMDRRabS66FfGMZDRnmlOfDD4G:59SOURabSJnmlOfD
Score

1^/10
behavioral13 behavioral14
- Target
  
  YY5331过非法VE/emptydll.dll
- Size
  
  17KB
- MD5
  
  86ab9d6421450072c6352e4d1fc4162b
- SHA1
  
  685157eb4b3e4c4cc5c9b85a21bf5d08d4df4048
- SHA256
  
  51422b02981a2e6c621004933a15d410787bbf2da9e6cdce94a01c7b6564aa87
- SHA512
  
  f90c0ff42f3c1668777c82ee2e78cea613ec7d8d41e828c2c23c61fc292fc55d59cae675608a66f60220186cb9a8841b8c033d079e01cd9232b6e184fb0f7c90
- SSDEEP
  
  384:kb0ILrmjPOpA8Z/ij7m+1Ir9QCJHBAWy/I2RU7OtNzcCl:DIPppFZ/ija+1I5ZmnAfkr
Score

1^/10
behavioral15 behavioral16
- Target
  
  YY5331过非法VE/emptyprocess.exe
- Size
  
  43KB
- MD5
  
  40142e93aafee7a1d84dcc9d023c1b41
- SHA1
  
  3d8f0dfa47da722e07bd7c6226daeaff4b2960d9
- SHA256
  
  d81579d4701acf59dcfe0e278ebedf9afb7a3261bd561117d0b3d7a67c5ea939
- SHA512
  
  369508f4cecb745d44454dd37992187119378ca8f788b6f17f93ed4c8f172f3a1710762dec2f0860f26db77d6ec7c70ac17635c03d4b1af3e8ed88e00c955677
- SSDEEP
  
  768:HppnF5/ija+1IORNba3wFaEhXAaxyzirdQ9mTdYnL7BGB/o414liqDvy8x:HpJWxahknxymTSK7Jwvbx
Score

1^/10
behavioral17 behavioral18
- Target
  
  YY5331过非法VE/腾讯游戏过非法.exe
- Size
  
  49KB
- MD5
  
  28249903e4a2472f42fdbdb2665afc35
- SHA1
  
  85418dbc459c948b4dbed2fb1bbcb0ea01227b56
- SHA256
  
  ae38bbba4ca7c6dd2ee4775535165ea84e641d72d3bb8632cbfe18e0f4946e14
- SHA512
  
  1e8bf53d293a43f9b5e20b9c707aa87d3e4b78219d8a561d504ca150efc29b8120bb74b9514c9c98d207a0ee07d597ea4685d0ed6ce5aa2895d1f942b6b2eaa7
- SSDEEP
  
  768:AdpnF5/ija+1IONi6gtLVwmsJCupw1aY8r9O1DLS6te5uzxq5qirlT67j8x:AdJiLgtLopw1j16uTArx
Score

1^/10
behavioral19 behavioral20

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

UPX packed file

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20