10c3c194bb2b1a660c1844d184fe0dd0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10c3c194bb2b1a660c1844d184fe0dd0_NEIKI
Size

119KB
MD5

10c3c194bb2b1a660c1844d184fe0dd0
SHA1

83b69a286ebe81dde9f69ab86f37e9b1cbaba58e
SHA256

fd98dfd25c37e0b7969096cbf0545b61b0693caab07c486725db7d43b27c2e95
SHA512

00baba00a2e6398791e751fa374b85a9865f78ac269512677fde2ef6cf35fdf133220ecff2f4dd2e6097466df5c2d57d9c6a792231d9a4c5d3c114f30a2c3362
SSDEEP

3072:y0QyBY10U17B91XEF/wd6AI6RJFUjSI6gaKGekS:YyBY1byqR3aB6oGel

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10c3c194bb2b1a660c1844d184fe0dd0_NEIKI

Files

10c3c194bb2b1a660c1844d184fe0dd0_NEIKI
.exe windows:4 windows x86 arch:x86

56f89d67d50b3ed4c472750d84488d36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeUserPhysicalPages
GetEnvironmentStringsA
BasepGetAppCompatData
HeapDestroy
GetDurationFormat
K32GetWsChangesEx
ZombifyActCtxWorker
LZStart
BindIoCompletionCallback
GetConsoleProcessList

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE