1f8cb1446a2d0f84c60462a2d741b9b0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f8cb1446a2d0f84c60462a2d741b9b0_NEIKI
Size

119KB
MD5

1f8cb1446a2d0f84c60462a2d741b9b0
SHA1

0902f7efa1ce474a66174705f900288e38f4ccd7
SHA256

509df906daea3aeb1878f1a0048c7c8184da0f80a2c52f08707a179a4df89ee2
SHA512

90938fa90bbf0689bd254c99e8fa01324b4323f24e881822410a9100164f9e85ef8d13ed858208d12e70f233a237d2ac6e5dc98f35c3747313a646edd8236556
SSDEEP

3072:+wFn9Z5vXILMGY5Apxo6pqUxvNkw/HzKkZocB3E4hAq:5nn98MGY5ApxoUqovXZocB04uq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f8cb1446a2d0f84c60462a2d741b9b0_NEIKI

Files

1f8cb1446a2d0f84c60462a2d741b9b0_NEIKI
.exe windows:4 windows x86 arch:x86

c009b105e54b36e3c537759c10d86dad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
WriteFileEx
GetFileSize
LoadLibraryExW
WaitForThreadpoolWorkCallbacks
ConvertSystemTimeToCalDateTime
SetFirmwareEnvironmentVariableW
GetNumaNodeProcessorMaskEx
SleepConditionVariableSRW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE