blackmoon | 90dedb5c9aa5f02ec1a18b733022a060_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

90dedb5c9aa5f02ec1a18b733022a060_NEIKI
Size

1.8MB
MD5

90dedb5c9aa5f02ec1a18b733022a060
SHA1

73c78dd48304b002c02e23f2d0d0f232525868e2
SHA256

b82f68d119daceee863b15c955a2bddb0af9f3d672a299cb8d9efc98a47f5688
SHA512

b5ce505e260a07257e5de3ee790f949ca8dd51dc24f2fe93597ee8c0f07a879d977171157f90741f5bb9913f43f233ae6f3c239860b643a47e4ea48b47eae3bc
SSDEEP

24576:HfqMeY3QBhoWYJgIDWAeTkzZ+RkFN/yKBUZZAFDrrqBh3SWgSklWXKBUZ/:HneXoWS5ZRN/yKiZEDrKBST1WXKiZ/

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
sample	family_blackmoon

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90dedb5c9aa5f02ec1a18b733022a060_NEIKI

Files

90dedb5c9aa5f02ec1a18b733022a060_NEIKI
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 600KB - Virtual size: 597KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 748KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE