Behavioral task
behavioral1
Sample
00499168f28422a419934c1a3bf62a30_NEIKI.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00499168f28422a419934c1a3bf62a30_NEIKI.exe
Resource
win10v2004-20240508-en
General
-
Target
00499168f28422a419934c1a3bf62a30_NEIKI
-
Size
1.3MB
-
MD5
00499168f28422a419934c1a3bf62a30
-
SHA1
fcd9858773c4b43c9f77ca87235b31a7a604fbc8
-
SHA256
cc3824e0f03ef721dc42acb309c140a4b86d0afeb8a8526d0e2d0faa03e29ca6
-
SHA512
1e31863b89388922691cb73c113e055c1a3a7d3199350fe9b0f9286d20baaf327f32a6bb4998228fa40db13d30daa0770fb9dc6b7e09b37234d52f76ccb77759
-
SSDEEP
24576:VFoE7MjkkY8vXp0LvHhavXr3C4Qj95jzS5S4eEk3cQaFDK6OYY:vo2MwV8vXAvUzYXH4R3QahK8Y
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 00499168f28422a419934c1a3bf62a30_NEIKI
Files
-
00499168f28422a419934c1a3bf62a30_NEIKI.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE