f57d9cf1fd5e97fd9468f39f74f76060_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f57d9cf1fd5e97fd9468f39f74f76060_NEIKI
Size

124KB
MD5

f57d9cf1fd5e97fd9468f39f74f76060
SHA1

7003dad521216236ce73496aacafbfa845a79473
SHA256

94fba1d04cb1b3ddf22ac3d584b4799a2d157494a85ead42ac218e029fafb376
SHA512

1ed83e83bdff2349433531f14ef8aaf79f64478daaf45045cf464c1e7eccbc3983f2e89b97665aa9f73e58bdda95dabac9ef5460fcffd1145b3a8552ab2170e2
SSDEEP

1536:aQewhxGiWF/1CKFIdU9QRYgIvz360GOuuSiiVPOzEWy5YsUJlRI9MK5:rhxGiWR1CoIdaL6UrmVPOzE3MlrK5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f57d9cf1fd5e97fd9468f39f74f76060_NEIKI

Files

f57d9cf1fd5e97fd9468f39f74f76060_NEIKI
.dll windows:4 windows x86 arch:x86

419a35f334286f019917bb0cdd7c348c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

php5

php_combined_lcg
add_assoc_resource_ex
_array_init
add_index_resource
zend_fetch_resource
zend_get_parameters_ex
_zval_copy_ctor_func
convert_to_long
php_error_docref0
zend_register_resource
zend_wrong_param_count
php_info_print_table_start
php_info_print_table_row
php_info_print_table_end
_efree
_erealloc
_emalloc
zend_register_list_destructors_ex
zend_register_long_constant
zend_register_string_constant

kernel32

DisableThreadLibraryCalls
GetCurrentProcessId

msvcrt

_adjust_fdiv
_initterm
_isctype
strlen
_pctype
__mb_cur_max
fprintf
realloc
free
_iob
abort
_ftol
time
malloc

Exports

Exports

get_module

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ