ae01d6af763168512e36a853a94faaf0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae01d6af763168512e36a853a94faaf0_NEIKI
Size

186KB
MD5

ae01d6af763168512e36a853a94faaf0
SHA1

d6c1f9a817690a5413fe998fa4079e8aaa10beb5
SHA256

2e4abdfc65cc8af8ad00a8a542acd74f3d944dc7e66bee783616b84fe4da57fc
SHA512

7066256156dc8e90acadf7bdee01ac4ca35bc76b478864caed1de2ebbb27f5a02ac22039c274ef3130e2657ea8259deccc2b50be93275b728a608243604ad7c3
SSDEEP

3072:Z1Fk9cl4mFxsAxIIxu5gBI649zvemtxL5l4ehU/rH0UofpuvXbP:Z1EcOAxJs5gafWmtnru4Ua0vbP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae01d6af763168512e36a853a94faaf0_NEIKI

Files

ae01d6af763168512e36a853a94faaf0_NEIKI
.exe windows:5 windows x86 arch:x86

a3a257e5cb1bf88bd8baa6fca479c8d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

gdi32

BitBlt

advapi32

OpenProcessToken

ws2_32

WSAStartup

Sections

HJFDDERT
Size: - Virtual size: 612KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HJFDDERT
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE