6fa0080a2ff38287f0201c436b9e7da0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fa0080a2ff38287f0201c436b9e7da0_NEIKI
Size

3.6MB
MD5

6fa0080a2ff38287f0201c436b9e7da0
SHA1

f77fdb2ab4ed120a9ae16d630a3e3a666269d4a4
SHA256

c5d6a29bf8696dea26c884d1f44830df95c67aff23a71ff366c023fe0dfc0856
SHA512

515d51caf23b3ea502fbac4d3a5fa03d07c667d3a16f12a92e896dc0452920ed8b98ce0bd1a246b15c114df31c6bbdaec4acfd9d4f085fa3a2b28353a329bd8e
SSDEEP

49152:dsgY1bXNn4iM1mo7JFAU9YfLxd4cY1DJmXTHX1bLu1LriJzf64iVDJEm:+gwrNn4Yo7Lefb4cY1DY5bL4Lrc7NaJT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fa0080a2ff38287f0201c436b9e7da0_NEIKI

Files

6fa0080a2ff38287f0201c436b9e7da0_NEIKI
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 36KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.winlice
Size: - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ