94fd56592963fb07fffa2345b4dcebc0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94fd56592963fb07fffa2345b4dcebc0_NEIKI
Size

87KB
MD5

94fd56592963fb07fffa2345b4dcebc0
SHA1

1507e08fda158c5880c7b0a52c63dc74edc6c5bd
SHA256

6ad59e7dd98b8157a3b3ff28aa1dce4ce9c1ce7c02d4bdedec926c78c7c57510
SHA512

7d8106c80ba6d7ab000dd0956464441f1d0f83a212689b29d76a76aa3126fa76dafbb4b48f2341e33a358829789124edf90fc5835a781ee0fba9b960c73e7307
SSDEEP

1536:IchuIRDXMg91FR+lv1s4fP35cWtb6r7zzR+uNGdgOLx:hhJoTBfPmWtbEzdedFLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94fd56592963fb07fffa2345b4dcebc0_NEIKI

Files

94fd56592963fb07fffa2345b4dcebc0_NEIKI
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\agent\_work\1\s\netScope\NetScope.Desk\obj\ObfuscatedBeta\NetScope.Desk.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ