137d408aada1b90b8038b579c4b99ad0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

137d408aada1b90b8038b579c4b99ad0_NEIKI
Size

1.8MB
MD5

137d408aada1b90b8038b579c4b99ad0
SHA1

4222025917c7e93dc7aefe0721eec37e2795bf00
SHA256

7506a6bff8d51fab7e05ea0e587474f5d61be1a809bfe9fb494f22e04309c91f
SHA512

f8adf86e47f263863584b17f888c9d6c99f8370f11a891aa4f6894ece92d219c109a8a12ed3718eed562068b476e0f9db57221ad1d99076d8b7d62b528976e32
SSDEEP

24576:yCTFCqdpKrZmsmjxRFVyblI7GknbwWY+uQAwyz6D6:yCTR0kFN7G+wW7Up+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
137d408aada1b90b8038b579c4b99ad0_NEIKI

Files

137d408aada1b90b8038b579c4b99ad0_NEIKI
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

gf_F1H4053_FORM

Sections

CODE
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 83B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 609KB - Virtual size: 609KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ