blackmoon | 7d2c7f9a8a31d91bab4f5f07647ac5866bc7ac24bb1068d6af4b1bca4fc10f65

Sharing

Copy URL Twitter E-mail

General

Target

7d2c7f9a8a31d91bab4f5f07647ac5866bc7ac24bb1068d6af4b1bca4fc10f65
Size

3.6MB
MD5

b15f8a1c7feb2bb20d9ea5b8169bab0e
SHA1

a7816d8638594483715467b89bb2b78f63eb0b31
SHA256

7d2c7f9a8a31d91bab4f5f07647ac5866bc7ac24bb1068d6af4b1bca4fc10f65
SHA512

221401a0a91da6e30b1d748428fcf2876fbf0743f341034b233bf410a42d35662ca4943abad6129a1141e323a3767ce426ecb562488c16d6c3f5d3ed013aafd3
SSDEEP

98304:csGHhRpssQ8PNccTc3TMCtZx7CmKCdmeZ2tJNDx:csGHhRpssQ8PNccTcVtZ8mNmk09x

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d2c7f9a8a31d91bab4f5f07647ac5866bc7ac24bb1068d6af4b1bca4fc10f65

Files

7d2c7f9a8a31d91bab4f5f07647ac5866bc7ac24bb1068d6af4b1bca4fc10f65
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ServiceMain
init

Sections

.text
Size: 864KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 832KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 864KB - Virtual size: 864KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 192KB - Virtual size: 192KB

.reloc Size: 36KB - Virtual size: 36KB

.text1 Size: 832KB - Virtual size: 832KB

.adata Size: 64KB - Virtual size: 64KB

.data1 Size: 12KB - Virtual size: 12KB

.tls Size: 4KB - Virtual size: 4KB

.reloc1 Size: 64KB - Virtual size: 64KB

.pdata Size: 420KB - Virtual size: 420KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 864KB - Virtual size: 864KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 192KB - Virtual size: 192KB

.reloc
Size: 36KB - Virtual size: 36KB

.text1
Size: 832KB - Virtual size: 832KB

.adata
Size: 64KB - Virtual size: 64KB

.data1
Size: 12KB - Virtual size: 12KB

.tls
Size: 4KB - Virtual size: 4KB

.reloc1
Size: 64KB - Virtual size: 64KB

.pdata
Size: 420KB - Virtual size: 420KB

.rsrc
Size: 4KB - Virtual size: 4KB