Behavioral task
behavioral1
Sample
809624faf15f44e1dd36c92f119c9f40_NEIKI.exe
Resource
win7-20240508-en
General
-
Target
809624faf15f44e1dd36c92f119c9f40_NEIKI
-
Size
52KB
-
MD5
809624faf15f44e1dd36c92f119c9f40
-
SHA1
144cef5fc819fcbf3e8a967b720d4b30d2d5f90a
-
SHA256
c116710e1d8bcfd21f6bb0f57d3de32638d6824fb3acf3546b7526388d3781e8
-
SHA512
f26d4202d487ac22ec8de0e46f8b27b3e37182f5e9f4f6528fad9d065ec8f3db1985986f470ee261b79362b72813d05ac214fe4a90ffcfa65f9e74625b307d44
-
SSDEEP
1536:RvQBeOGtrYS3srx93UBWfwC6Ggnouy8Cp:RhOmTsF93UYfwC6GIoutc
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 809624faf15f44e1dd36c92f119c9f40_NEIKI
Files
-
809624faf15f44e1dd36c92f119c9f40_NEIKI.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExeS Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE