@WEP$qqsi
DllCanUnloadNow
DllGetClassObject
DllGetDataSnapClassObject
DllRegisterServer
DllUnregisterServer
ExitAlchemy
InitAlchemy
___CPPdebugHook
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
69cebcbc849cec12d2462e1df73b9940_NEIKI.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
69cebcbc849cec12d2462e1df73b9940_NEIKI.dll
Resource
win10v2004-20240426-en
Target
69cebcbc849cec12d2462e1df73b9940_NEIKI
Size
132KB
MD5
69cebcbc849cec12d2462e1df73b9940
SHA1
7728e5849f41647b1f97f4275c90daedf77c595f
SHA256
f653c08a167b5279b6256b305ad6e95cb6147db0a28d03090a38a335297c3948
SHA512
161f6aaacafdc9b6dcda6cc4de453bc479d74524a86d69d828bab04bda131d61e2670ebba30f6f8ebb6aea0aa07664cf1f8f3c95e529e2778ca651312bf4b341
SSDEEP
3072:Ze6bX7NuGCa35+S7auWTt5GoX1/SkD2bFwo5b23vnL5:Q6T7NuRS7cT/9ldq/5b231
| resource | yara_rule |
|---|---|
| sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
| resource |
|---|
| 69cebcbc849cec12d2462e1df73b9940_NEIKI |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
@WEP$qqsi
DllCanUnloadNow
DllGetClassObject
DllGetDataSnapClassObject
DllRegisterServer
DllUnregisterServer
ExitAlchemy
InitAlchemy
___CPPdebugHook
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE