3750101a9b0e078f7146d41ade2ae8f0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3750101a9b0e078f7146d41ade2ae8f0_NEIKI
Size

950KB
MD5

3750101a9b0e078f7146d41ade2ae8f0
SHA1

2ab9be31b29ce66fcf1870258339a8e5de0661e8
SHA256

a1e26a77edb5d834e72812385f9cf0316c1543fec7d988114b8f89dcc9954bd6
SHA512

60b50075a47884314ff3aa7566970f3b275b2e4ec3dc3da198b8e807c45d2db0a7ae2ed138d1dc2c3346ca46b4cbc7272cc4eb1f65b81b3fe8e1e4e2241f9e9f
SSDEEP

24576:6/u8htUVhgEKcA3IdzWitRdqfRwDotO8W:6tUVhKIdzhqfRw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3750101a9b0e078f7146d41ade2ae8f0_NEIKI

Files

3750101a9b0e078f7146d41ade2ae8f0_NEIKI
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Andri Kurniawan\Downloads\detikcom.windows\DETIKCOM\DETIKCOM.WindowsPhone\obj\Release\DETIKCOM.WindowsPhone.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 473KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.mdil
Size: 474KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ