3484be83266f34bc77d419d5a4aa8940_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3484be83266f34bc77d419d5a4aa8940_NEIKI
Size

120KB
MD5

3484be83266f34bc77d419d5a4aa8940
SHA1

2c533e1d9743eaa49d2f194fcd3388d26521845b
SHA256

cc20480c53ec9781307366d0bdab5ed5a4bd424c3189642c604c78a6f99f1fbd
SHA512

4320f2af8f22baf6ca1d36c39e9ad140f23a8a61118182ea938dfddcbcd1db364dd137c73088652cfe5de4c024627c1860fa518ea951190fac8f64cf22ef485e
SSDEEP

3072:Y7q8hp3bu06WiZ1HsedWLwz2n7rWFeNVsXm:Y7fp3K0FiZ1MevUUX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3484be83266f34bc77d419d5a4aa8940_NEIKI

Files

3484be83266f34bc77d419d5a4aa8940_NEIKI
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ