7b0789c6e23fcf7bffc6d8467558d220_NEIKI | Triage

Sharing

General

Target

7b0789c6e23fcf7bffc6d8467558d220_NEIKI
Size

119KB
MD5

7b0789c6e23fcf7bffc6d8467558d220
SHA1

39d9c82dac1ba3f418f248163300d5c602e8e2a8
SHA256

b1a2dc550705fe2ea7526252274141e18b7553980af6a607dc693b212b625eca
SHA512

95864f42fcc7a70cd0fb689a10119d8b131423ecb9ed59a1a5c665bc61f66a700b3b7107d27596772604d6aa8f8dc813689af66d5e51b97f523004aecbf9ce5e
SSDEEP

3072:osFN6vpVUPuA8smUQATgcOqfCoqBTE/XiCXkp:pspVpA8VUQ2gcO7wfiO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b0789c6e23fcf7bffc6d8467558d220_NEIKI

Files

7b0789c6e23fcf7bffc6d8467558d220_NEIKI
.exe windows:4 windows x86 arch:x86

ca388d5f44060ab9914ae5c708f6f125

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePrivateNamespaceW
GetTickCount64
SearchPathA
PulseEvent
DebugActiveProcess
GetThreadErrorMode
ConvertDefaultLocale
GetEnvironmentStringsW
IsBadStringPtrW
HeapFree
CreateDirectoryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE