3ddb9977b2fd182fff9a92be59e552b0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ddb9977b2fd182fff9a92be59e552b0_NEIKI
Size

60KB
MD5

3ddb9977b2fd182fff9a92be59e552b0
SHA1

4b23baf7b5401a98f36776bcc8af37453fdb7326
SHA256

81937904e4798e715b29f99f2aa35377d872686b980085058e4beb983863e180
SHA512

29466be50e7d795bded7fc07b2648e09e72dfd4eaf648317708d144297621a7fff40e5631a51a7cc7f6df95e5262060b28ecf8183c7cf27b373a37ab44ee0651
SSDEEP

1536:ijidWIVCoweTJZyg0Kys3eZSvNH09yKMQ+c5bkG7D/:i+dW8C8T+g0Kys3eZSvNU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ddb9977b2fd182fff9a92be59e552b0_NEIKI

Files

3ddb9977b2fd182fff9a92be59e552b0_NEIKI
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Builds\88\PrimeSuite\_WIX_DevInt_Multi_1\Sources\Utilities\ClinicalSpecialtyAdmin\obj\x86\Release\SpecialtyAdmin.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ