redline | d5efed61714caf21eeeeed32ac907dd0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5efed61714caf21eeeeed32ac907dd0_NeikiAnalytics
Size

1.2MB
MD5

d5efed61714caf21eeeeed32ac907dd0
SHA1

844882a3ddc464a840e5f8c65c3330d048090cbe
SHA256

da3e5fcff247a32742a3fb8e4fc6f1c1a56c508f942624e7224f8d6e8ff1900c
SHA512

404577d79096537593ec5bfcf9c8f759c6a635665828118fefde8a90e588009b2a9ff4d0095e1024782b4085b6d07b8167ea88a3bd2d8dd5be751a2ebec1e508
SSDEEP

12288:h6SGuXY6JvV8Dou/3niUad4B9wvxOaoXoI9IkcsIug466wPOyr08scUzsfr:sSGuo6JvV8d/3niUaSBFalEwJrBU

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5efed61714caf21eeeeed32ac907dd0_NeikiAnalytics

Files

d5efed61714caf21eeeeed32ac907dd0_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 375KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ