d175800c1d25518ce88ff99a9d1d70d0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d175800c1d25518ce88ff99a9d1d70d0_NEIKI
Size

119KB
MD5

d175800c1d25518ce88ff99a9d1d70d0
SHA1

930a48de3bc013cc6fa4455c2ca8acd3c7911b5c
SHA256

e480814040747c1d336536ffba0409fa45cbb46b281d0c34f44ca213143e6197
SHA512

e7b5825c4f235a6214172fb12b16bad55df58266393884a947d766af9a892bb3dbfc6b0019749532b76c11d71fef5d921365634ea6b0dbe0e205a11256672b7f
SSDEEP

3072:rXofms8irZA29ZkslJPtFoI+cgL3R1nu2MwY/DSzej7G:tslKqX7FV+/3R1u28TG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d175800c1d25518ce88ff99a9d1d70d0_NEIKI

Files

d175800c1d25518ce88ff99a9d1d70d0_NEIKI
.exe windows:4 windows x86 arch:x86

12bd447e8f6b9c7e74ee60aeb521e98a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
BasepCheckWebBladeHashes
GlobalGetAtomNameA
GetSystemDefaultUILanguage
CreateFileMappingFromApp
CreateRemoteThreadEx
UpdateProcThreadAttribute
CloseThreadpoolIo
UnregisterBadMemoryNotification

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE