7f4589b8ff48e04dd287bac48489e2b0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f4589b8ff48e04dd287bac48489e2b0_NEIKI
Size

65KB
MD5

7f4589b8ff48e04dd287bac48489e2b0
SHA1

e9f11f6dd7064a462f6f6cecca745d23d57c3a8a
SHA256

09937e4f6b6343b4f46e6264845d22da59a3443ddf8aeb213d7d214b79689703
SHA512

3c480c7a62b93c16282abebec64cb63426d9e49903eece347e0592d7e99ccb53c5a7edc2b2d23ecc8b0e0253147aa066a005d6fe5d8670f5e6be1f0b7bf10e5d
SSDEEP

1536:mqPl447AenCbycitRhrHwvsMxsWPOKpjy5sSc:7Pf7DH5nFHZMpPJcRc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f4589b8ff48e04dd287bac48489e2b0_NEIKI

Files

7f4589b8ff48e04dd287bac48489e2b0_NEIKI
.exe windows:4 windows x86 arch:x86

272adf2f24bc6d20f09d4329bc210aa6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
DeviceIoControl
GetFileInformationByHandle
IsBadWritePtr
SetConsoleTitleW
ReadThreadProfilingData
TermsrvDeleteValue
FindNLSString
CreateTapePartition
GetTempPathW
GlobalDeleteAtom

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE