d47b244c90cf19075173eabd33b78cf0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d47b244c90cf19075173eabd33b78cf0_NEIKI
Size

119KB
MD5

d47b244c90cf19075173eabd33b78cf0
SHA1

31a09407639ff54d19e377fe6371ad394b80ff88
SHA256

af60f367038a44ab06d5b7a53a5f82c884cad531154500ab003df4a7cdee430d
SHA512

6d7f0577ca218ebae36b218f45d27230590f9106904b917222e5792caae1ed5fb806c8725054a9b32ad410f0c01e8bad9ec1298740e263c0462c67f14c7827bb
SSDEEP

3072:Q5knjWCDoBV3IVOMxcxid9H4qoD00h8Xb:bDs3O6K9H4+0h8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d47b244c90cf19075173eabd33b78cf0_NEIKI

Files

d47b244c90cf19075173eabd33b78cf0_NEIKI
.exe windows:4 windows x86 arch:x86

5725ded81fa1d9abe18ca4b523609ad6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessInternalA
GetDevicePowerState
ReleaseActCtxWorker
GetDllDirectoryA
BasepCopyEncryption
Process32FirstW
GetEnvironmentStrings
GetNumaNodeNumberFromHandle
SetCurrentDirectoryA
EnumResourceNamesExA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE