cbd78f3c912af06f66e85b66e74a73d0_NEIKI | Triage

Sharing

General

Target

cbd78f3c912af06f66e85b66e74a73d0_NEIKI
Size

622KB
MD5

cbd78f3c912af06f66e85b66e74a73d0
SHA1

68c238e795137c04c9d7d411ab6e8948d70e6e5d
SHA256

fb82136e50a68b366caaeb3f16cea237ee8a12bd935efdd7fe78cb9d2546ad17
SHA512

5d232fafabe4d410c832a4114157efe2034eeb35f700668edfdb64977c12952048ccd8df136a16bc7d2af25490c60eee5dc419b3c65b33791859706e9f4be012
SSDEEP

12288:qzabqTEG6+UmspaIlsstC/UcIGKRsDKCFcdebmaKOa+:8a2Z6N7FC/UcIrxQXbm3O7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbd78f3c912af06f66e85b66e74a73d0_NEIKI

Files

cbd78f3c912af06f66e85b66e74a73d0_NEIKI
.dll windows:4 windows x86 arch:x86

dec66c7b93981fe0acb92aa974083ef0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalUnlock
lstrlenA
lstrcpyA
GlobalFree
GlobalAlloc

msi

ord158
ord144
ord8
ord42
ord73
ord49
ord159
ord31
ord160
ord117

Exports

Exports

SetPatchProperties

Sections

.text
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 403B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ