d6ee848aa1c5d7e893033030b938ec30_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6ee848aa1c5d7e893033030b938ec30_NEIKI
Size

4.6MB
MD5

d6ee848aa1c5d7e893033030b938ec30
SHA1

b3b15d57eb930d1f0cd02820b3d4f541b1e5d3aa
SHA256

2cd26cd7eba9dc4fad05f51588c0e89ebee68bc1bcd6b612e001b3c173ed04ef
SHA512

9e7284d71bd0f630f02129742ad419c901eb7a3aa4359980629702054bad66507efc19d7b98023f7b470b6105595778ad2d92a5e50c479abb322f9ca22b06682
SSDEEP

24576:TC5ViVc2/LNg51jlPJmel9c6ttYD4WeT2f93kZOGceXmJ5IvhnAZUPK/7gcqHYFt:W6c2/+53J3oZseqc0yUyDgEd5k8HIn+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6ee848aa1c5d7e893033030b938ec30_NEIKI

Files

d6ee848aa1c5d7e893033030b938ec30_NEIKI
.exe windows:10 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 640KB - Virtual size: 639KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 369B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 484KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ