e92dd7401d52f7a7020ca8bfe80b94a0_NEIKI | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e92dd7401d52f7a7020ca8bfe80b94a0_NEIKI
Size

64KB
MD5

e92dd7401d52f7a7020ca8bfe80b94a0
SHA1

715a80717882dc04b82193e4b173e81bddc5ca96
SHA256

ab4c15dbefe08db514f676aa2a87b0851db520d621db32acc8750930b775931c
SHA512

8131841143e03b5fabd55a2ab0b2970aaf862d45ae056016ffdf56a92cffa214c64eeb9e4d52f1b8616eb9e942fe3604ae9c39ec8f3ed1c9f7488e06c4369ee7
SSDEEP

1536:qZRGRkAIePuiQ452IFcoeG9eJJxLYbAkWfUkL3AVP:aJA7Xx52IFpeG9eJbV5UTJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e92dd7401d52f7a7020ca8bfe80b94a0_NEIKI

Files

e92dd7401d52f7a7020ca8bfe80b94a0_NEIKI
.dll windows:4 windows x86 arch:x86

9a9ae887a2d5f22b8c1ce12780d17172

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
FreeLibrary
GetProcAddress
LoadLibraryA
GetTickCount
TerminateProcess
OpenProcess
GetLastError
CreateMutexA

shell32

StrCmpNIA

msvcrt

malloc
free
_initterm
_adjust_fdiv

Exports

Exports

SomPlugin
plugins

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 635B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ