5247627c2bbcdde6967785c5516c6a70_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

5247627c2bbcdde6967785c5516c6a70_NEIKI
Size

228KB
MD5

5247627c2bbcdde6967785c5516c6a70
SHA1

00c6946f8a33430202aa1883651d8bf1b9db227d
SHA256

3dd2567e5d0364eb17e87b852b6476d94410d9094d38eb30b330ac7d3f296cd3
SHA512

6e347d7e584dd9358aba0c7c375908fed84e51a619ea87156e502b9eb2bd84c9570b7b85a7474172fa2f92aa167c4174975ca0685cfd6c52f278d59fc643c33e
SSDEEP

3072:FiowI5NnkKMagWOtjlN3pxvn+BrF0otM0mo8cgm:gknzgzJN3yrF0dK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5247627c2bbcdde6967785c5516c6a70_NEIKI

Files

5247627c2bbcdde6967785c5516c6a70_NEIKI
.exe windows:4 windows x86 arch:x86

cf40c7949bb3e7d92ba8da201cb64d50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetLastError
GetCurrentDirectoryA
GetDriveTypeA
SetCurrentDirectoryA
FindFirstFileA
GetLocalTime
ReleaseMutex
ReadFile
GetVersionExA
LoadLibraryA
OutputDebugStringA
GetProcAddress
FreeLibrary
ExitProcess
CloseHandle
SetFilePointer
WriteFile
CreateFileA
FindNextFileA
FindClose
GetCommandLineA
CreateMutexA
SetThreadPriority
GetEnvironmentStringsW
HeapDestroy
GetEnvironmentStrings
GetFileAttributesA
GetFullPathNameA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetStdHandle
FlushFileBuffers
CreateProcessA
GetExitCodeProcess
SetEnvironmentVariableA
GetFileSize
IsDBCSLeadByte
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
Sleep
ExitThread
WaitForMultipleObjects
VirtualFree
DeleteFileA
RtlUnwind
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetVersion
HeapFree
HeapAlloc
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
VirtualAlloc
HeapCreate

user32

MessageBoxA
wvsprintfA
GetClientRect
DefWindowProcA
PostQuitMessage
ShowCursor
SetCapture
wsprintfA
WaitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetFocus
UpdateWindow
GetKeyState
PostMessageA
GetKeyboardLayoutNameA
SetCursorPos
CreateWindowExA
ReleaseCapture
ShowWindow
SetCursor
ActivateKeyboardLayout
ClientToScreen
SetRect
AdjustWindowRectEx
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMetrics

gdi32

GetStockObject
SetBkColor
SetTextColor
TextOutA
EnumFontFamiliesExA
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateFontIndirectA
DeleteObject
SetBkMode
GetGlyphOutlineA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

ws2_32

WSAStartup
closesocket
getsockname
gethostname
recv
send
inet_addr
connect
WSAGetLastError
gethostbyname
htons
WSACleanup
WSAAsyncSelect
socket

winmm

timeGetTime

imm32

ImmAssociateContext
ImmGetConversionStatus
ImmSetConversionStatus
ImmGetCandidateListA
ImmGetCompositionStringA
ImmIsIME
ImmDestroyContext
ImmCreateContext

ddraw

DirectDrawCreateEx

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

dsound

ord1

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf40c7949bb3e7d92ba8da201cb64d50

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

ws2_32

winmm

imm32

ddraw

advapi32

dsound

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 100KB - Virtual size: 98KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 100KB - Virtual size: 98KB