6e461a725ce2dce12c1255b39f89c080_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e461a725ce2dce12c1255b39f89c080_NEIKI
Size

64KB
MD5

6e461a725ce2dce12c1255b39f89c080
SHA1

b8ec00dca2425fddfb66ac75816dd2f7fbbf5fde
SHA256

6bdb4d8e1817a67c0971fcbc2d58b749c5d31fb23236aad9140c3bd3f7e6ff92
SHA512

2eefe4124bafbe5b714ef367238941cfd21db42c90b301abbe0a233dd3a70951e6484b61ddf71cfc3bc978d1fd8b41f19222f60cbb10c2675adfeabb2d546c03
SSDEEP

768:/R9UbBhGyYDR8HE0aUyBxryM7Tqflt0OUTrlkZAVNX2fQLoHsLCAphnTuv8Sj//Z:/N9RBAY0kvxkOVh9GCHl0V4Dk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e461a725ce2dce12c1255b39f89c080_NEIKI

Files

6e461a725ce2dce12c1255b39f89c080_NEIKI
.dll windows:5 windows x86 arch:x86

aebfc4b3814721fbdec3c665c4307e32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr110

__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
memcpy
realloc
malloc
fprintf
__iob_func
memset
free
memmove
memcpy_s
_lseek
_read
_write

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
DisableThreadLibraryCalls

Exports

Exports

ppm_constructor
ppm_destructor
rar_init_filters
rar_unpack
rarvm_free

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ