6b004a0c295da58670cb77e400b93390_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

6b004a0c295da58670cb77e400b93390_NEIKI
Size

69KB
MD5

6b004a0c295da58670cb77e400b93390
SHA1

ba806091eb0e0c8f1fddd80fd93c88b1363da047
SHA256

675590586ec47fdd278921fe3ded048c43a20a99a308e62b64a24ce79d6f8711
SHA512

bef9596e97d819f50c0de221298023dcf1e5ec4be72f7c96de77764e5c647fb4645c716b8d7d3b35c594bec8142c421599f08dbb1d5dd05c84a038601dbe1205
SSDEEP

768:KD5zYOxRzb3JKJPYsBhkAZ+Rp7fLcucbzWuZsGV7XJK9wcvxeLpitWPFvQ2:KDB/xRtKpAE6LcXz7ZzhJMspi8PFvH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b004a0c295da58670cb77e400b93390_NEIKI

Files

6b004a0c295da58670cb77e400b93390_NEIKI
.dll windows:6 windows x64 arch:x64

460fa8d22043f928c55aa6e0d6ca4154

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python310

PyGC_Enable
PyGC_Disable
_PyObject_GC_New
PyObject_GC_Track
PyObject_GC_UnTrack
PyObject_GC_Del
PyObject_GC_IsFinalized
PyBytes_FromStringAndSize
PyBytes_FromString
PyBytes_AsStringAndSize
PyUnicode_FromStringAndSize
PyUnicode_FromString
PyUnicode_FromFormat
PyUnicode_InternFromString
PyUnicode_Decode
PyUnicode_Concat
PyUnicode_Compare
_PyUnicode_Ready
PyUnicode_AsUTF8
PyLong_FromLong
PyTuple_New
PyTuple_GetItem
PyTuple_GetSlice
PyTuple_Pack
PyList_New
PyDict_New
PyDict_SetItem
PyDict_DelItem
PyDict_Next
PyDict_Size
PyDict_GetItemString
PyDict_SetItemString
_PyDict_GetItem_KnownHash
PyModule_NewObject
PyModule_GetDict
PyModule_GetName
PyModuleDef_Init
PyMethod_New
PyCapsule_New
PyCapsule_GetPointer
PyCode_NewWithPosOnlyArgs
PyObject_RichCompareBool
PyTraceBack_Here
PyInterpreterState_GetID
PyThreadState_Get
_PyThreadState_UncheckedGet
PyObject_Call
PyObject_CallObject
PyObject_GetItem
PyObject_Init
PyIter_Send
PyObject_IsSubclass
PyObject_VectorcallDict
_PyGen_SetStopIterationValue
PyDescr_IsData
PyErr_WarnEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_Occurred
PyErr_Clear
PyErr_Fetch
PyErr_Restore
PyErr_GivenExceptionMatches
PyErr_ExceptionMatches
PyErr_NormalizeException
PyException_SetTraceback
PyException_SetCause
PyErr_NoMemory
PyErr_Format
PyErr_WriteUnraisable
PyOS_snprintf
PyArg_UnpackTuple
PyRun_StringFlags
Py_GetVersion
Py_EnterRecursiveCall
Py_LeaveRecursiveCall
PyImport_GetModuleDict
PyImport_GetModule
PyImport_AddModule
PyImport_ImportModule
PyImport_ImportModuleLevelObject
PyFrame_New
PyObject_RichCompare
PyType_Modified
PyType_Ready
PyType_IsSubtype
PyMem_Free
PyMem_Realloc
PyMem_Malloc
_PyByteArray_empty_string
PyByteArray_Type
_Py_NoneStruct
PyBaseObject_Type
PyExc_RuntimeWarning
PyExc_ValueError
PyExc_TypeError
PyExc_SystemError
PyExc_RuntimeError
PyExc_NameError
PyObject_Free
_PyObject_GenericGetAttrWithDict
PyObject_CallFinalizerFromDealloc
_PyObject_GetDictPtr
_PyType_Lookup
_Py_Dealloc
PyObject_ClearWeakRefs
PyObject_Not
PyObject_IsTrue
PyObject_Hash
PyObject_GenericGetAttr
PyObject_SelfIter
PyObject_SetAttr
PyObject_GetAttr
PyObject_SetAttrString
PyObject_Format
PyObject_GetAttrString
PyExc_ImportError
PyExc_AttributeError
PyExc_GeneratorExit
PyExc_StopIteration
PyExc_StopAsyncIteration
PyAsyncGen_Type
PyCoro_Type
PyGen_Type
PyTraceBack_Type
PyMethod_Type
PyCFunction_Type
PyList_Type
PyFloat_Type
_Py_TrueStruct
_Py_FalseStruct
PyLong_Type
PyCode_NewEmpty
PyUnicode_Type

openal32

alcGetIntegerv
alcCloseDevice
alcIsExtensionPresent
alcGetProcAddress
alcGetEnumValue
alcGetString
alcOpenDevice

vcruntime140

strrchr
memcmp
__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_narrow_environment

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

PyInit_device

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

460fa8d22043f928c55aa6e0d6ca4154

Headers

DLL Characteristics

File Characteristics

Imports

python310

openal32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 6KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 376B

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 6KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 376B