44101cd83b30b8ad5951658fb10d0660_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44101cd83b30b8ad5951658fb10d0660_NEIKI
Size

1.3MB
MD5

44101cd83b30b8ad5951658fb10d0660
SHA1

c14ae14ea0957bdfb9dc0b24d983c996fc872f5c
SHA256

199d1008a2365f0effe634f26a106cc32f040cf712d36cc69b74393c6e258b3a
SHA512

744d4563b0da20a45ac556bdbb73bbf1e90c2f73998f17b74467b67ff2f1c9cb6fa95e70c43987c2334d61b1fb20b26222eadc542fb08e3afd95cb67a1be6b3b
SSDEEP

1536:1V8wWl4IF4b44iW+DEzNgob77lY+zo1k45xmzllOQZIvWH+YzzzLzzzcWfMwpBH1:1Vi4FIBEzz4v6G1vWPc4v+GHvWfW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44101cd83b30b8ad5951658fb10d0660_NEIKI

Files

44101cd83b30b8ad5951658fb10d0660_NEIKI
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\kyleh\Desktop\main\dotnet\GoToLogFiles\obj\x86\Release\GoToLogFiles.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 664KB - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 621KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ