84d1e034c2d604048d7a98667c8a43b0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84d1e034c2d604048d7a98667c8a43b0_NEIKI
Size

26KB
MD5

84d1e034c2d604048d7a98667c8a43b0
SHA1

cec9e693fcad42c721da78b3dc6597aa15eca82f
SHA256

11a207230576f89c1c01051833431a1686f6b54044b6151615823d97ba124256
SHA512

f0df6ec82195244af369c04f7c6de55a9f1b9f3f92b183a5b6f61f74d0cf0a913f5431c734ac1de17f453f54d774e31082a1ab954f88d58ec7cbf89495bc0d5e
SSDEEP

384:JKwW1hWH0sngm0GftpBjNbAhZmNCfjd28JN77hhq3l/m3S+crlndaVrQOp9:8EngVi/Ah/H3hOV52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84d1e034c2d604048d7a98667c8a43b0_NEIKI

Files

84d1e034c2d604048d7a98667c8a43b0_NEIKI
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-process-l1-1-0.pdb

Exports

Exports

_beep
_cwait
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_loaddll
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_unloaddll
_wexecl
_wexecle
_wexeclp
_wexeclpe
_wexecv
_wexecve
_wexecvp
_wexecvpe
_wspawnl
_wspawnle
_wspawnlp
_wspawnlpe
_wspawnv
_wspawnve
_wspawnvp
_wspawnvpe

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ