95a0a0cd5d004ab0cc36fcfd2c035c10_NEIKI

General

Target

95a0a0cd5d004ab0cc36fcfd2c035c10_NEIKI
Size

172KB
MD5

95a0a0cd5d004ab0cc36fcfd2c035c10
SHA1

5ad136e818004bbe4c0037f6bfd05595f92089e8
SHA256

60660ad08b8e49b96b05462a29e83c28c20cbae8a057d52947c5b98ca23d8ec4
SHA512

1b70571dd4bf0226be7255803b474a36557df0b2d77d9b0e22a6d19d4038cdac3ccc0d68da29c0a224a9b5e09c4e8e44e249ef65e2d782dcd7333b3689b4f3c1
SSDEEP

3072:W5+2X2yKOV5f7oc0cc4NDVXzSVb6SSIV2lQBV+UdE+rECWp7hKqnj:W5+2Xl5t0c/NDZz8BV+UdvrEFp7hKIj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95a0a0cd5d004ab0cc36fcfd2c035c10_NEIKI

Files

95a0a0cd5d004ab0cc36fcfd2c035c10_NEIKI
.dll windows:4 windows x86 arch:x86

07c52a07a7f818d221bc1c6bdf00c603

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
InterlockedIncrement
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
InterlockedDecrement
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
GetCPInfo
RtlUnwind
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA

Exports

Exports

_HE_close@0
_HE_convertWord@8
_HE_flushForNewWord@0
_HE_getInputMode@0
_HE_getOneKeyMode@0
_HE_getSwitchingMode@0
_HE_putKey@12
_HE_setAppendMode@4
_HE_setInOutHangulCode@4
_HE_setInputMode@4
_HE_setOneKeyMode@4
_HE_setSwitchingMode@4
_HE_system@8

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07c52a07a7f818d221bc1c6bdf00c603

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 44KB - Virtual size: 44KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 44KB - Virtual size: 44KB

.reloc
Size: 12KB - Virtual size: 10KB