blackmoon | bb1d357dc072ae80b802078b660294f6235119bfc53d4ed69509ed899f4ceac8 | Triage

Resubmissions

14/09/2024, 12:55

240914-p5r6xavflb 10

14/09/2024, 12:54

240914-p5hmgavfkb 10

Sharing

General

Target

bb1d357dc072ae80b802078b660294f6235119bfc53d4ed69509ed899f4ceac8
Size

4.8MB
MD5

962dfa91556861c003af28c8d02b34da
SHA1

d436304aea723769cc0f05189e6e81577f56b2a7
SHA256

bb1d357dc072ae80b802078b660294f6235119bfc53d4ed69509ed899f4ceac8
SHA512

f2ea1c5a55518ef170d2bed91ffd0eff6aa8feaa357ee4fa641134716e15b2c26001b268147fb2ca4d7361bbe559fd626602544a7026d25154a4a41042a2b893
SSDEEP

98304:GDYKNw7+K7Wr7EZ2VS9JR4+5IaWuW8aqAoexMz:GlNqu7EZCS9Jn5AJwAoexMz

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb1d357dc072ae80b802078b660294f6235119bfc53d4ed69509ed899f4ceac8

Files

bb1d357dc072ae80b802078b660294f6235119bfc53d4ed69509ed899f4ceac8
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20.2MB - Virtual size: 20.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 761KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmps0
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmps1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ