General

  • Target

    ddb8d395d2c5cb456273b04319f33160_NEIKI

  • Size

    2.0MB

  • MD5

    ddb8d395d2c5cb456273b04319f33160

  • SHA1

    8d66124ef0fabc20ec76da40aee7f1d7575b062f

  • SHA256

    c56a6f7946f42321473bc3c1d1cef7194f6c101941aa0d442d8025fcb3c8aa9d

  • SHA512

    802a97d77f6ab0ac77a61ac5f198cd30b1fc6137c2bbdda2429ad04ecf162d0dcc8520a871f3d051d08744745a9e457321bb45d83927b0b98393eb32ef46f23c

  • SSDEEP

    24576:kn2XTCHM4xT9V3XzsHhVmatCELYIXVelAtgbHHd:SaTUv0jmtEttc

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ddb8d395d2c5cb456273b04319f33160_NEIKI
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

