7a00f5f6aa064c22730d7adbcddc5e80_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

7a00f5f6aa064c22730d7adbcddc5e80_NEIKI
Size

3.1MB
MD5

7a00f5f6aa064c22730d7adbcddc5e80
SHA1

ef32c48337b141157508b0e0f92ee0a069187743
SHA256

59b7e9f8657a76eb384e433951738a89c908c8a3270bef0b99e9ee280e62342c
SHA512

9941066647e291b1754cbda3f10d0c9e0c3b86798879115298b7ed111e201315fa23842af92e7228c084786928a27f4c62a725045b71a56f20ca34e13626cbda
SSDEEP

49152:vcleSzlQMnlhkkaiQIu4j3PK+HyNl9cuml6TkoNFP62xhj7UPoNDErYmsB1k+Rfi:ET+Mlh1F3PK+NQ3Klsjk+Rf6TW+MYR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a00f5f6aa064c22730d7adbcddc5e80_NEIKI

Files

7a00f5f6aa064c22730d7adbcddc5e80_NEIKI
.exe windows:5 windows x86 arch:x86

934dd4e60a525d8fd7488a6a804a2225

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Repositories\alawar_hopa\game-template\live\game\Game_release.pdb

Imports

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

dbghelp

MiniDumpWriteDump
SymInitialize
SymFromAddr

d3d9

Direct3DCreate9

openal32

alcGetString
alGetString
alGetError
alListenerfv
alcMakeContextCurrent
alcCreateContext
alcOpenDevice
alcDestroyContext
alGenBuffers
alGenSources
alDeleteBuffers
alDeleteSources
alSourcePlay
alSourceQueueBuffers
alBufferData
alSourcePause
alSourceUnqueueBuffers
alGetSourcei
alSourceStop
alGetBufferi
alSourcef
alGetSourcef
alcGetError

kernel32

GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
SetHandleCount
VirtualAlloc
VirtualFree
HeapCreate
WriteFile
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
TlsFree
SetCurrentDirectoryW
GetLastError
GetModuleFileNameW
GetModuleHandleW
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetCurrentDirectoryW
FindClose
FindNextFileW
FindFirstFileW
FindNextFileA
FindFirstFileA
InitializeCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
MapViewOfFile
CreateFileMappingW
CloseHandle
GetFileSize
CreateFileW
CreateFileA
UnmapViewOfFile
DeleteFileW
OutputDebugStringW
GetCurrentProcess
SetThreadExecutionState
GetCurrentThreadId
CreateMutexW
SetUnhandledExceptionFilter
GetLocalTime
GetCurrentThread
GetCurrentProcessId
GetTempPathW
SetEvent
SetThreadPriority
CreateThread
CreateEventW
WaitForSingleObject
SwitchToThread
FreeEnvironmentStringsW
GetTickCount
GetDateFormatA
FileTimeToSystemTime
GlobalUnlock
GlobalLock
GlobalAlloc
LocalFree
GetSystemInfo
GetVersionExW
GetLocaleInfoA
GetUserDefaultUILanguage
InterlockedIncrement
FindResourceW
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
GetEnvironmentVariableW
GetFileAttributesW
ResumeThread
GetThreadContext
SuspendThread
ReadProcessMemory
GetVersionExA
OutputDebugStringA
GetFullPathNameA
lstrcmpiA
LoadLibraryA
GetModuleHandleA
CreateFileMappingA
ReleaseSemaphore
CreateSemaphoreW
TlsSetValue
TlsAlloc
TlsGetValue
CompareStringW
CompareStringA
GetTimeFormatA
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
ExitThread
ReadFile
GetEnvironmentStringsW
ExitProcess
GetStdHandle
GetFileType
WriteConsoleW
GetFileAttributesA
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
InterlockedExchange
InterlockedCompareExchange
IsValidLocale
GetStringTypeA
GetLocaleInfoW
FlushFileBuffers
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetUserDefaultLCID
InterlockedDecrement
EnumSystemLocalesA

user32

SetForegroundWindow
BringWindowToTop
PeekMessageW
TranslateMessage
DispatchMessageW
LoadIconW
RegisterClassW
AttachThreadInput
SystemParametersInfoW
SetWindowLongW
SetWindowPos
CreateWindowExW
SetWindowTextW
GetWindowThreadProcessId
DestroyWindow
EnumDisplaySettingsExW
SetCursorPos
SetCapture
ReleaseCapture
MessageBoxA
GetCursorPos
PostMessageW
GetAsyncKeyState
GetDC
ReleaseDC
ClipCursor
MessageBoxW
GetForegroundWindow
BeginPaint
DefWindowProcW
ScreenToClient
ClientToScreen
GetClientRect
RegisterWindowMessageW
GetWindowPlacement
GetWindowRect
EndPaint
ShowWindow
SetCursor
LoadCursorW
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
DestroyIcon
DrawIconEx
LoadImageW
AdjustWindowRect
UnregisterClassW

gdi32

StretchBlt
GetDeviceCaps
DeleteObject
SelectObject
SetStretchBltMode
CreateCompatibleDC
CreateDIBSection
DeleteDC

advapi32

SetNamedSecurityInfoW
GetUserNameA
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid

shell32

ShellExecuteW
SHGetFolderPathW
SHCreateDirectoryExW

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

shlwapi

PathCombineW
PathFileExistsW
PathAppendW
PathIsRelativeW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

934dd4e60a525d8fd7488a6a804a2225

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

dbghelp

d3d9

openal32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wtsapi32

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 355KB - Virtual size: 355KB

.data Size: 49KB - Virtual size: 335KB

.rodata Size: 2KB - Virtual size: 2KB

.rsrc Size: 151KB - Virtual size: 151KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 355KB - Virtual size: 355KB

.data
Size: 49KB - Virtual size: 335KB

.rodata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 151KB - Virtual size: 151KB