04a6b03bdf9d8578fc9cd9fc34ccbd80_NEIKI | Triage

Sharing

General

Target

04a6b03bdf9d8578fc9cd9fc34ccbd80_NEIKI
Size

911KB
MD5

04a6b03bdf9d8578fc9cd9fc34ccbd80
SHA1

b990e1c32287d4b2a81ec483888a478a16390103
SHA256

c07a1931dfbe48a2df40e064798b91f97926f48ef27012220ea0bb52ec6172d6
SHA512

cb6e12f2fed91548e0718b84ae5e958b5cb281ca6465dd5ce11672e8ed5f9eab3d075b508f524c01d6e7cceb2d9b735008ba711e07788589ffcae42f79dd22a8
SSDEEP

12288:fbi5EdHcNAygxZJ6/gVROEODDI9SEwga3NYAw6oVJ5DnMejfcOE12RD6yChNOl:ji5acNAygxZJ64V4DDbdgaAJ8pc6zOl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04a6b03bdf9d8578fc9cd9fc34ccbd80_NEIKI

Files

04a6b03bdf9d8578fc9cd9fc34ccbd80_NEIKI
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\esee\Desktop\ \KODLARIM\RSBot-2.9.4\SDUI\SDUI\obj\Debug\net6.0-windows\SDUI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 909KB - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ