995dcf4d879d45ad6be7f47c607fb150_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

995dcf4d879d45ad6be7f47c607fb150_NEIKI
Size

119KB
MD5

995dcf4d879d45ad6be7f47c607fb150
SHA1

80056f5e9407a09f41a83e65875ca619e8b9b7ba
SHA256

cf63ed78c0279eb01f4817e570900e446d93743667f8801c4351c8af411e344a
SHA512

ad4e523ec45e62395e5ab1c2771921b528b92ac20c1638210c415d66baee2297f1d83fc6e700af15ed3ec1240afac9d9d54d29c95b9d6872cabef546fbae3fe0
SSDEEP

3072:kuFmUlonnPfBGelGdJC5Wk5/r6njcs71TkzX79mx3e5xSdC:kuwUGf1poe5xSE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
995dcf4d879d45ad6be7f47c607fb150_NEIKI

Files

995dcf4d879d45ad6be7f47c607fb150_NEIKI
.exe windows:4 windows x86 arch:x86

49a8a8e9c5b994518850a2e7f7af6cc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
WerUnregisterRuntimeExceptionModuleWorker
LCIDToLocaleName
QueueUserAPC
PrivCopyFileExW
GetMemoryErrorHandlingCapabilities
SearchPathW
SetCommConfig
GetThreadErrorMode
WerUnregisterMemoryBlockWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE