f0b11395c9826c6d99fa8e8d99e761a0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0b11395c9826c6d99fa8e8d99e761a0_NEIKI
Size

20KB
MD5

f0b11395c9826c6d99fa8e8d99e761a0
SHA1

22c0959785601dafea8f9607e6aa7b9d76d7277d
SHA256

e693653c06e9b31256a4f8f78e6a79786b03f0aa99ed511000cb84ac27631afd
SHA512

99e297118c079ecefd8177b1602b0bd232fccd894da8e1bf3070a492b335ca5c071a49a082b23d5a6f71af06b23fc33f6251f6d1be85085edf158b4ef3981ca0
SSDEEP

48:6cgI1jYNzoBOTT4SvUjVfRB6whpsFPJfArJPYb2ZWSMtdtiNYShLUV4l:6I1jyoQTMBVfl+xGJwb+WSciNYQYV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0b11395c9826c6d99fa8e8d99e761a0_NEIKI

Files

f0b11395c9826c6d99fa8e8d99e761a0_NEIKI
.exe windows:4 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ