Behavioral task
behavioral1
Sample
4bf08eb4091ac85a81b5b0e703b75670_NEIKI.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4bf08eb4091ac85a81b5b0e703b75670_NEIKI.exe
Resource
win10v2004-20240426-en
General
-
Target
4bf08eb4091ac85a81b5b0e703b75670_NEIKI
-
Size
777KB
-
MD5
4bf08eb4091ac85a81b5b0e703b75670
-
SHA1
8cf8b22e17fc947b7390a0c5ccccbf220b6e9218
-
SHA256
8780e8912cd06043703384eab9be1474ad467fc9364e39f75442cbbfa5a8d94a
-
SHA512
26d278fd5dbf1f39b773354a22c9d270f440da597b51c970c1124447975450824e11e8b962640fb68d8c77dcd546f9cbcbab3cb8e8b26e51be66c4603a7b6958
-
SSDEEP
12288:tEQoS9qhOtmeKcuHZ4dLHRD11a45GiE/rl77PaxqOEw+TvHfD2gns4k+VYKXmW:t2Oc1ydLHRZcWTEzkxqO82gO+VYLW
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4bf08eb4091ac85a81b5b0e703b75670_NEIKI
Files
-
4bf08eb4091ac85a81b5b0e703b75670_NEIKI.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.btnj Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.t Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE