67da6c98f82b7960cc4f1748cf4bc970_NEIKI | Triage

Sharing

General

Target

67da6c98f82b7960cc4f1748cf4bc970_NEIKI
Size

119KB
MD5

67da6c98f82b7960cc4f1748cf4bc970
SHA1

d5aa2c5cbae2566e21dd66353855469a437cf19f
SHA256

ab0868e438366d6b6b6cc8b6ca69ffb47d26411ea3b61a18b193902b05ee0d7e
SHA512

0f947c819f584271a422ddd6c3a11f66d8bdb9f5b9e4d8c2d99b792be92dc6ca55dd008eb34be3478fed5ff4b5b8460189437dae28e28a410093173e9d91cfd4
SSDEEP

3072:dzM8TyqVt14NWyNIWqNUVIFbDV5zcaXf4zJ6KYax/ByLUiK:lnTyWNyqpeO5ncav4zlbyq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67da6c98f82b7960cc4f1748cf4bc970_NEIKI

Files

67da6c98f82b7960cc4f1748cf4bc970_NEIKI
.exe windows:4 windows x86 arch:x86

f44134d1cdfb2a8c2c9b0f8963ad518b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EraseTape
GetVersion
GetCalendarDifferenceInDays
QueryFullProcessImageNameA
GetActiveProcessorCount
BasepAllocateActivationContextActivationBlock
GetThreadContext
QueryProcessAffinityUpdateMode
WriteConsoleOutputCharacterW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE