5f8e16c8412bacc9c76fe9300e7665e0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f8e16c8412bacc9c76fe9300e7665e0_NEIKI
Size

3KB
MD5

5f8e16c8412bacc9c76fe9300e7665e0
SHA1

f8bbaf57ab30c00a97de4c17fcbe7e8e4aafe216
SHA256

cc1fcb1ba9dc631f9984bf44e2266491d63b407f44bc80de32f80a4e17c90123
SHA512

13fb263c0cef9fa06800f71d2a21afc567bb0fc041101902b61b235c29c4e83f34098251c55ea4217c93f639b7b5efd5c442b832642b3ea93931a2bb55a28f0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f8e16c8412bacc9c76fe9300e7665e0_NEIKI

Files

5f8e16c8412bacc9c76fe9300e7665e0_NEIKI
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ