4ef0c2a6d6a1190a69895121c3c3e330_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ef0c2a6d6a1190a69895121c3c3e330_NEIKI
Size

942KB
MD5

4ef0c2a6d6a1190a69895121c3c3e330
SHA1

944cf00c7c2181aab3d403b8a1dc096fb12e0083
SHA256

c096851a6df9234d52ab7bcd70b69369c0125dcf1ce10b5a322a977e1ab190e7
SHA512

fe50cf877ce257b8acffac8723f9f30fe14da79185b6c5e23a34d094b33c19bd03273ebca114c095980896ccfded08a0f8399537ce704374988602a2f1be7327
SSDEEP

24576:albUnuInQ4jZ3gBVkaXUqFYACv5j9UX88iqACokgaKut9KT9VZp/YYOIL/wHz/qd:albUn3nQsZwB3UqFYACvT4Hz/q3e/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ef0c2a6d6a1190a69895121c3c3e330_NEIKI

Files

4ef0c2a6d6a1190a69895121c3c3e330_NEIKI
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

R:\TempView\Output\Plugin\Com.Tencent.QQShow\Bin\QQShow.pdb

Sections

.text
Size: 494KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ