2eafde9c51f2331d20ed2a907f9fc620_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eafde9c51f2331d20ed2a907f9fc620_NEIKI
Size

119KB
MD5

2eafde9c51f2331d20ed2a907f9fc620
SHA1

e24b608940bbbb5fa539368bd931013d32719072
SHA256

2f1f16eeefe2d9494a1c39e0837df8d28fa52237d1551b817307716fb8e1bb0c
SHA512

bc45fc4170998eab7101320818a9f483578a49459163ec0513e891ebf7d06bc01a9022badc57099e60c59776f34546d02803d76f905703187cd7060443e320ff
SSDEEP

3072:9n/janpOtOutm1Hj8bu4/tgv8etVetniNsPGnDuerA:1/jawt/w2uaeVTsPGnDuerA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eafde9c51f2331d20ed2a907f9fc620_NEIKI

Files

2eafde9c51f2331d20ed2a907f9fc620_NEIKI
.exe windows:4 windows x86 arch:x86

e85141e3f44f29fc3f2b590662dbe805

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadThreadProfilingData
SetCurrentDirectoryW
GetThreadPriorityBoost
GetStartupInfoW
Thread32First
RtlFillMemory
IsValidCodePage
GetCalendarInfoEx
DuplicateConsoleHandle
IsValidLanguageGroup

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE