NikoLdr[.]dmp (1)[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NikoLdr.dmp (1).zip
Size

792KB
MD5

db13be26a0dfb05998ff6c547df9550b
SHA1

519edead5270fb9eeb9184cabcd111a7862f844b
SHA256

d762bb8ae97030075d347a1e5d027803d1fe2167200caf712c646a642839f83d
SHA512

ee8ed0ef4ddf6a697e275473b03578bb7e37d8096fd22eb4d95763f4c19a74e318a01dd7ead20ea1ce69bde4b83854e092d3e6d1fe2a1bbb0f97bd11a4f6efab
SSDEEP

24576:jwBNtmY85+J62mV3OyI7u/lmi8s7fSL1xR:0BNux2i311Q8fSL1xR

Score

1^/10

Malware Config

Signatures

Files

NikoLdr.dmp (1).zip
.zip

Password: nigger
NikoLdr.dmp.exe
.exe windows x86

Password: nigger

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1007KB - Virtual size: 1006KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ