7c6bf35362b45b8b73bf9b5c46a7cd10_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c6bf35362b45b8b73bf9b5c46a7cd10_NEIKI
Size

108KB
MD5

7c6bf35362b45b8b73bf9b5c46a7cd10
SHA1

722d2d68998b076dc9e666a397a06f0f6d2aff3b
SHA256

af4504c803e74c5bce9bf9759b5dedfafdddf8f0fef03a527bc10b4194aa8deb
SHA512

8f09d9f6f9c44df010cbca3ba260dcbcb3770dff9682a925d6f8540c53567055b0403dcba49e3ec736da843a5e24e458afd5b7c6cce85306a9e1666fbff1fe04
SSDEEP

3072:+/AGbouFiZH4XSaSXXS/SXXSScl5uEEg+b:obou0ZWl5uE2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c6bf35362b45b8b73bf9b5c46a7cd10_NEIKI

Files

7c6bf35362b45b8b73bf9b5c46a7cd10_NEIKI
.dll windows:4 windows x86 arch:x86

4189b1f800318c2fc147c5ffed33beed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadWritePtr
IsBadReadPtr
InterlockedDecrement
InterlockedIncrement
OutputDebugStringA

msvcrt

__CxxFrameHandler
free
malloc
memset
_CIpow
printf
_ftol
??2@YAPAXI@Z
qsort
memmove
_ftime
ceil
exit
_initterm
_adjust_fdiv
calloc

Exports

Exports

SDGetClassObject

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ