e0ae4e3f67a03f8f8fb2c7731cc48d70_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0ae4e3f67a03f8f8fb2c7731cc48d70_NEIKI
Size

119KB
MD5

e0ae4e3f67a03f8f8fb2c7731cc48d70
SHA1

d214018bdd3ff9e7c7c5a7ebd2af66915cacb0aa
SHA256

139c589207c93d6b35dea6a71d770ce06ec92735da086a87c248638cadd4b58b
SHA512

052976a9779fe357ec5819ba687847ac5fcdcce4dea2c142e52486d2a7958e6e7b1926ed911a4939b0f4615eaf7028054eb19c614e5ab1c5cb640f14144e5149
SSDEEP

3072:2oCzZG6Qlz22YQDx+aMzLvCrakLLXFFaxn9W0:2oCcJuQDx8zCFgxnc0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0ae4e3f67a03f8f8fb2c7731cc48d70_NEIKI

Files

e0ae4e3f67a03f8f8fb2c7731cc48d70_NEIKI
.exe windows:4 windows x86 arch:x86

f25a024566f57d1ada047eea9c95eb88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleExA
HeapQueryInformation
GetConsoleDisplayMode
EnumLanguageGroupLocalesW
RegisterWowExec
ExitProcess
VirtualFree
IsBadWritePtr
GetSystemFirmwareTable
SetEnvironmentVariableW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE