5e1aa50a59ab02d84f34cf475f841b30_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

5e1aa50a59ab02d84f34cf475f841b30_NEIKI
Size

1.1MB
MD5

5e1aa50a59ab02d84f34cf475f841b30
SHA1

7062def034334cbf818dac3e7a9c46574bf967c6
SHA256

275ee10e3dde4b4975daec2f2163664adfd9d75d3d419b6c2075f526f11aafde
SHA512

4f2faf8397f636b654372f0efc944f07159fcdf840fd1143f8c8a9934274193865de121b2aaac08320029ac7d50b8d24562ac9e964f0a3057680092d8900b044
SSDEEP

12288:IsuKJLzFenPkg5wsz1NdWdXK7qRuSmxOuryBxVbHRr2k3S8Q8DDTllvSqfRP4Rk+:VeP+Zx28DDT3v1RP4qBVpGgo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e1aa50a59ab02d84f34cf475f841b30_NEIKI

Files

5e1aa50a59ab02d84f34cf475f841b30_NEIKI
.exe windows:6 windows x86 arch:x86

4c2f2d3cb1e18863e4b3af23dfbad518

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Juno\Dev\TaskGrouper\TaskGrouper\TaskGrouper\Debug\TaskGrouper.pdb

Imports

kernel32

FindResourceW
MultiByteToWideChar
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
DeleteFileW
VerSetConditionMask
lstrlenW
LoadLibraryW
VerifyVersionInfoW
FindClose
FindFirstFileW
FindNextFileW
Sleep
CreateThread
TerminateThread
OpenProcess
K32EnumProcesses
K32EnumProcessModules
K32GetModuleBaseNameW
K32GetModuleFileNameExW
lstrcpyW
SetEnvironmentVariableA
GetFullPathNameA
FlushFileBuffers
ReadConsoleW
ReadFile
SetEndOfFile
GetTimeZoneInformation
SetStdHandle
VirtualQuery
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
CreateFileW
lstrcmpiW
SetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
WriteConsoleW
OutputDebugStringA
GetFileType
WaitForSingleObjectEx
SetConsoleCtrlHandler
GetCurrentThread
GetModuleFileNameA
HeapQueryInformation
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
WriteFile
GetStdHandle
CreateSemaphoreW
GetTickCount
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FatalAppExitA
GetCommandLineW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
AreFileApisANSI
ExitProcess
RtlUnwind
GetModuleHandleExW
GetSystemInfo
HeapValidate
EncodePointer
LocalFree
WideCharToMultiByte
lstrlenA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
OutputDebugStringW
FindResourceExW
FlushInstructionCache
GetCurrentThreadId
GetCurrentProcess
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
IsDebuggerPresent
GetLastError
RaiseException
DecodePointer
GetCurrentDirectoryW
LoadLibraryExA

user32

RegisterWindowMessageW
GetMessageW
TranslateMessage
WindowFromPoint
TrackPopupMenu
GetSubMenu
DestroyMenu
LoadMenuW
GetActiveWindow
DialogBoxParamW
GetMonitorInfoW
MonitorFromWindow
MapWindowPoints
SetWindowTextW
EndDialog
GetWindowThreadProcessId
EnumWindows
EqualRect
LoadIconW
GetWindow
FindWindowW
GetParent
IsRectEmpty
SetRectEmpty
SetTimer
GetFocus
GetDlgItem
SetWindowPos
CreateWindowExW
GetIconInfo
LoadImageW
DestroyIcon
GetClassLongW
GetWindowLongW
PtInRect
OffsetRect
InflateRect
CopyRect
FillRect
GetSysColor
GetCursorPos
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
UpdateWindow
DrawStateW
DrawTextW
GetSystemMetrics
IsWindowEnabled
KillTimer
CallWindowProcW
SendMessageW
DrawEdge
GetLastActivePopup
SetForegroundWindow
IsIconic
IsWindowVisible
PostMessageW
UnhookWinEvent
SetWinEventHook
GetClassNameW
SetWindowLongW
CharNextW
CreateDialogParamW
ShowWindow
DestroyWindow
IsWindow
UnregisterClassW
DefWindowProcW
PeekMessageW
DispatchMessageW

gdi32

ExtTextOutW
SetBkColor
GetObjectW
SetBkMode
GetObjectType
GetDIBits
ExcludeClipRect
DeleteObject
DeleteDC
CreateRectRgnIndirect
CreatePen
CombineRgn
SelectObject

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW

shell32

SHGetPropertyStoreForWindow
SHGetKnownFolderPath
SHGetFileInfoW
SHAppBarMessage
ShellExecuteW
Shell_NotifyIconW

ole32

CoUninitialize
CoInitialize
PropVariantClear
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx

oleaut32

VarUI4FromStr
SysFreeString
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
CreateErrorInfo
SetErrorInfo
VariantChangeType
SysAllocStringLen
GetErrorInfo
SysAllocString

shlwapi

SHStrDupW
PathIsDirectoryW

comctl32

ImageList_GetIcon
_TrackMouseEvent
InitCommonControlsEx

oleacc

GetRoleTextW
AccessibleObjectFromEvent
AccessibleObjectFromWindow
WindowFromAccessibleObject
AccessibleObjectFromPoint
GetStateTextW

Sections

.text
Size: 811KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c2f2d3cb1e18863e4b3af23dfbad518

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

oleacc

Sections

.text Size: 811KB - Virtual size: 811KB

.rdata Size: 203KB - Virtual size: 202KB

.data Size: 12KB - Virtual size: 33KB

.idata Size: 9KB - Virtual size: 9KB

.didat Size: 2KB - Virtual size: 1KB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 35KB - Virtual size: 35KB

.text
Size: 811KB - Virtual size: 811KB

.rdata
Size: 203KB - Virtual size: 202KB

.data
Size: 12KB - Virtual size: 33KB

.idata
Size: 9KB - Virtual size: 9KB

.didat
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 35KB - Virtual size: 35KB