Behavioral task
behavioral1
Sample
974f3019464791c67ca4560d25149570_NEIKI.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
974f3019464791c67ca4560d25149570_NEIKI.exe
Resource
win10v2004-20240508-en
General
-
Target
974f3019464791c67ca4560d25149570_NEIKI
-
Size
580KB
-
MD5
974f3019464791c67ca4560d25149570
-
SHA1
f967d0f6c14603b53cfd4c7713335b5ec70822eb
-
SHA256
83fbb7e5270b62be22cb467f3722130ac864510c77975cde4c767c9b9d04f668
-
SHA512
e3d0b370faa1b8671a265dc9d1dc49fa8fc151afd96e63fb0873df0f4c4392b55c8c7ad80744006c593ea11a3a4e3f84271ab886974bd07a58a102c84cafb059
-
SSDEEP
3072:gCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V1MQTCk/dN92sdNhavtrVdewnAx3wmVl:gqDAwl0xPTMiR9JSSxPUKpdodHC
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 974f3019464791c67ca4560d25149570_NEIKI
Files
-
974f3019464791c67ca4560d25149570_NEIKI.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 496KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
UPX1 Size: 75KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE