0037b81011822aa70eb28e96d72fd1a0_NEIKI | Triage

Sharing

General

Target

0037b81011822aa70eb28e96d72fd1a0_NEIKI
Size

91KB
MD5

0037b81011822aa70eb28e96d72fd1a0
SHA1

ada9fd8b6065bed266a5e76224c487025e1e4767
SHA256

3315c03890d41e0faa0a4a5e0f0ac3369bf41c702ca84ee1b2faec6e573d79bd
SHA512

51bb4bdf623c3964f6ca4f88187211f67616ec8dc089236333302e70b49a87e4050b529b398d1ce8d26ee595f7542381ef4b7636f4ea47a70e52104391ebb89c
SSDEEP

1536:XJRtlEnBHHIgabuYotV/JbJCX5SBi8JRtlEnBHHIgabuYotV/JbJCX5SBiE:XvtYxOuYotvYQI8vtYxOuYotvYQIE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0037b81011822aa70eb28e96d72fd1a0_NEIKI
unpack001/out.upx

Files

0037b81011822aa70eb28e96d72fd1a0_NEIKI
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ