60be88ea43745ba8bf6c78b1ddecc380_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

60be88ea43745ba8bf6c78b1ddecc380_NEIKI
Size

2.2MB
MD5

60be88ea43745ba8bf6c78b1ddecc380
SHA1

4f2a70f27b5e02959879d8c43d743fe770ce7a65
SHA256

a7fa561dec38eed182074c34437f0cc6793051542a94d22c9e2b66431e8f21bb
SHA512

89d4714b577beefe68bec00b708060e81dea5670d6299ab1219127e44b700c1edd96f4ba1ea5fe2ad3c73979cc3e0d45faad2b4f2551776ff371ba35f9213667
SSDEEP

49152:5EwUd8JRhrk6iO2Soh7SASwLjndRnJOKy0JkZOq90bQ:5EwsiRa6EjhHSwLjnnm2kZOjc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60be88ea43745ba8bf6c78b1ddecc380_NEIKI

Files

60be88ea43745ba8bf6c78b1ddecc380_NEIKI
.dll windows:5 windows x86 arch:x86

11cef1ce09d671ae3809e0d937f294a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetUnhandledExceptionFilter
GetNumberOfConsoleInputEvents
ConnectNamedPipe
GetUserGeoID
GlobalSize
GetCurrentProcess
TerminateProcess
WTSGetActiveConsoleSessionId
TerminateJobObject
SetStdHandle
GetStringTypeW
LoadLibraryExW
GetBinaryTypeW
GetModuleFileNameW
DeleteCriticalSection
UnhandledExceptionFilter
RtlUnwind
IsDebuggerPresent

ole32

CLIPFORMAT_UserUnmarshal

advapi32

AllocateAndInitializeSid
PrivilegeCheck

powrprof

WriteGlobalPwrPolicy

gdi32

DeleteObject
OffsetViewportOrgEx
StrokeAndFillPath
ExcludeClipRect
CloseEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
OffsetClipRgn

ws2_32

WSAGetLastError

user32

UnloadKeyboardLayout
GetSystemMenu
RegisterRawInputDevices
BeginPaint
SetProcessWindowStation
GetMessagePos
GetMessageA
GetSysColorBrush

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lq8zSJD
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11cef1ce09d671ae3809e0d937f294a8

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

powrprof

gdi32

ws2_32

user32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 4KB - Virtual size: 2KB

.code Size: 388KB - Virtual size: 386KB

lq8zSJD Size: 16KB - Virtual size: 12KB

.crt1 Size: 1.6MB - Virtual size: 1.6MB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 40KB - Virtual size: 38KB

DATA Size: 80KB - Virtual size: 78KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 4KB - Virtual size: 2KB

.code
Size: 388KB - Virtual size: 386KB

lq8zSJD
Size: 16KB - Virtual size: 12KB

.crt1
Size: 1.6MB - Virtual size: 1.6MB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 40KB - Virtual size: 38KB

DATA
Size: 80KB - Virtual size: 78KB