blackmoon | 242192cb5cfbdfd9651199b8420d8687a0c50f9b3ed8727d679525a897015289N

General

Target

242192cb5cfbdfd9651199b8420d8687a0c50f9b3ed8727d679525a897015289N
Size

9.8MB
MD5

809215e73a562e718cfe7ac031f09780
SHA1

080547f0c21d5d7a7e320345a9a699169bb409d5
SHA256

242192cb5cfbdfd9651199b8420d8687a0c50f9b3ed8727d679525a897015289
SHA512

bb16e108a8d504e03d9bf0c0d244fea8752610e38ba7da62558b5d440deade3ac083d57f08c5c06e81e731883bfa69c84ae48c40bcc74b214f8eacf7138b89cc
SSDEEP

98304:TRoeO6XTBJYazImknGzZr+HIPFtmOZ9G17xwFB5URUSKnaSOdroSCa:NoeO6XTYxmknGzwHIPHd9swFBubKT

Score

10^/10

Detect Blackmoon payload 1 IoCs

Processes:

resource	yara_rule
sample	family_blackmoon

mimikatz is an open source tool to dump credentials on Windows 1 IoCs

Processes:

resource	yara_rule
sample	mimikatz

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
242192cb5cfbdfd9651199b8420d8687a0c50f9b3ed8727d679525a897015289N

NSIS installer 1 IoCs

installer

Processes:

resource	yara_rule
sample	nsis_installer_2