5493cc89095950cad8f64f2f1d9c4b10_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

5493cc89095950cad8f64f2f1d9c4b10_NEIKI
Size

24KB
MD5

5493cc89095950cad8f64f2f1d9c4b10
SHA1

672c999cb277e7397e79db140633abc6abceab74
SHA256

2ab6dc9ce872142ee7be392892ca9de5bf38822ed41df896ea2d6b6605178736
SHA512

4f45724d4b2ac9ccaca242eb68399fce1205bb84656fb842009832b31eacfcf6dd8ec26a2438a9d9f064ee18bdfd6db06692a4d53b4739bdc04e83df077b2dc6
SSDEEP

384:Yf45J6lKAFw+Fpac3hwQvklKG4auU+MjENE1Q18I8VVye+gs:YfF7Fd1lGyMjENS3oe+J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5493cc89095950cad8f64f2f1d9c4b10_NEIKI

Files

5493cc89095950cad8f64f2f1d9c4b10_NEIKI
.exe windows:1 windows x86 arch:x86

b1f4cbc45a237245a85593f35a8f1f99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

salflibc

__SALFORD_MAP
__throw_temporary_ptr
__undefined_function
WSF2#
EXIT1#
CCOMP#
I4#WSF
CLOS##
CH#RSF
__FTN95INIT1_
WSF1##
CH#WSF
STOP#
RDF1##
OPEN##
ERASE#
FEXISTS#
DOSERR#
I4#RSF
__CCOPY
RSF1##
GET_CURSOR_POS#
SET_CURSOR_POS#
mprintf0
__init_WindowsType
strerror
__initialise_cpplib
LibMain
GetVersion
GetModuleHandleA
__errno_address
strcat
__stdin_address
__salf_exception_handler
__stdout_address
WinMain
exit
__stderr_address
__ctype_ptr_address
__cout_address
__cin_address
__vd_info_address
__get_virtual_common_block
__cerr_address
__WindowsType_address
__clearwin
__Put_exception_title
__init_cpplib_info
LIBMAIN#
GetLastError
__get_main_arguments
____console_stdin_address
GetWindow
sprintf
__Put_exception_message
____console_stdout_address
strlwr
____console_stderr_address
__special_flags_address
__General_shared_address
__Register_map_info
_scc_lib_version
GetModuleFileNameA
__initialise_sccdll

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.comment
Size: 512B - Virtual size: 186B

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.salfmap
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.salfsys
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.salfvc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1f4cbc45a237245a85593f35a8f1f99

Headers

File Characteristics

Imports

salflibc

Sections

.text Size: 10KB - Virtual size: 9KB

.bss Size: - Virtual size: 2KB

.comment Size: 512B - Virtual size: 186B

.data Size: 5KB - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 12B

.salfmap Size: 2KB - Virtual size: 1KB

.salfsys Size: 512B - Virtual size: 24B

.salfvc Size: 512B - Virtual size: 44B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 2KB

.comment
Size: 512B - Virtual size: 186B

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 12B

.salfmap
Size: 2KB - Virtual size: 1KB

.salfsys
Size: 512B - Virtual size: 24B

.salfvc
Size: 512B - Virtual size: 44B

.reloc
Size: 2KB - Virtual size: 1KB