242bde108d2a4f53fe288caefbf4bf80_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

242bde108d2a4f53fe288caefbf4bf80_NEIKI
Size

65KB
MD5

242bde108d2a4f53fe288caefbf4bf80
SHA1

94145786750be81d7b0258382e3aa5c38cee0812
SHA256

fa4dfa5da8f440f536eecf602b84604eacf6c5309f0f94127896be2574d3a372
SHA512

e086cb6fd525a84147d02b260d4e2d78a7cef5e4478095939a504c63fc9c731a659484e9b0835f74c225d0ec097e2cf5bbac7a0a6e2679ba11d314bb20700e66
SSDEEP

768:N+CLZoyIm5mn0000IFL8VlVJovlNHBvBPcFhl1WVe8gbxfxhM+g6k:N51tI/nIFLcJonhpPcjiebbxphM+S

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

242bde108d2a4f53fe288caefbf4bf80_NEIKI
.exe windows:5 windows x86 arch:x86

Code Sign

e2:90:a7:79:9d:9d:59:f8:16:f9:9e:16:84:63:43:97:9a:e1:1c:f6
Signer

Actual PE Digest

e2:90:a7:79:9d:9d:59:f8:16:f9:9e:16:84:63:43:97:9a:e1:1c:f6

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE