0c34999b3ec0334a6ad8c4690fbff570_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c34999b3ec0334a6ad8c4690fbff570_NEIKI
Size

119KB
MD5

0c34999b3ec0334a6ad8c4690fbff570
SHA1

20a054fdb24f45a8065763ff0a149774abd6b485
SHA256

aa38ec698430596c2091ba8fa6f93a5fa25ca9bad493e9d6271b6a197cbeb397
SHA512

ee93ae40b478d53c375bc9cedb0cce8bf40c935f5516c2baa87a44577dce819a13313cf8986726f4cff56663727ece83a1f18ce44834d57967baa67a78f23f6a
SSDEEP

1536:5yw9xC4HtFKzQ+QvI1ICNcc9pqePWq35GVuFZoe64a3Chk9tSb8WvPEfvPh87OgA:4N4iz08ICf48+OZra3wk3SbpsfHh87RA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c34999b3ec0334a6ad8c4690fbff570_NEIKI

Files

0c34999b3ec0334a6ad8c4690fbff570_NEIKI
.exe windows:4 windows x86 arch:x86

a6e34a91c43e8ac2dfe1b9c06a8c81cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExW
GetDriveTypeW
QueryDosDeviceW
K32GetMappedFileNameA
SetConsoleKeyShortcuts
FillConsoleOutputCharacterW
AcquireSRWLockShared
CreateProcessA
GetThreadIdealProcessorEx
WerUnregisterAdditionalProcess

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE