ed386ed4c8c6aa0bc558d9bea2c228f0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed386ed4c8c6aa0bc558d9bea2c228f0_NEIKI
Size

4.8MB
MD5

ed386ed4c8c6aa0bc558d9bea2c228f0
SHA1

dd95ea4dab76d5bed77877b5564c396d89cb8847
SHA256

e2971c459e2126d072d2030ef15596c287de2b33a4efe1f4f5d265c13dfad085
SHA512

189f48ffe5313a0a8964638b5c3395ca3e3b1e29f84e3f410b57222f937d786b782512c53e2ef11a3fca8b55d75722951cebe64773286151f765e01d8269184f
SSDEEP

98304:nCsLapoWwKKgTwXddF1iljhmK2bGuaxnb7Dv8u8HwQH+Dg4EVN6/:nCFoWwKKgTwXddF1iljhmK2bGuaxnj84

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed386ed4c8c6aa0bc558d9bea2c228f0_NEIKI

Files

ed386ed4c8c6aa0bc558d9bea2c228f0_NEIKI
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ