d63457c387016bfd79391c02b9e5ea70_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d63457c387016bfd79391c02b9e5ea70_NEIKI
Size

43KB
MD5

d63457c387016bfd79391c02b9e5ea70
SHA1

d4da35495a446201785d1ce126bc983fbb6a5a68
SHA256

afc627b41ff23ec070ce40f6f4695aabadec1c6d3931a76b9db81ea9579e110c
SHA512

9c6e9b9ec2a74a1c64e96b6441064ef40bc4456f801385c1d2e0ba32caf8675342791a9b8279bb0bae9e9589b05e039e0506b8434405d98ffca53c049771ffd9
SSDEEP

384:xoYprsLFt+f5Q75Q+4wTzJldd1m5ahkBQV4LJZjH:xoasxtEg5Qm9tRmQV4L3D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d63457c387016bfd79391c02b9e5ea70_NEIKI

Files

d63457c387016bfd79391c02b9e5ea70_NEIKI
.exe windows:5 windows x86 arch:x86

6ca37e5e41278ceac6bd8157d469b53e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wininet

InternetOpenW

user32

wsprintfW

shell32

ShellExecuteW

Sections

.MPRESS1
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE