Static task
static1
Behavioral task
behavioral1
Sample
99c283e977024cf1025e6bbcf262c550_NEIKI.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
99c283e977024cf1025e6bbcf262c550_NEIKI.exe
Resource
win10v2004-20240419-en
General
Target
99c283e977024cf1025e6bbcf262c550_NEIKI
Size
3.6MB
MD5
99c283e977024cf1025e6bbcf262c550
SHA1
0acc5b4644f9d50923eb848f367f7bb8f06536a4
SHA256
11408bf390b69ebdfaf2fb11d36f111d85ef021c7e24835f1eb9089a46328afd
SHA512
1c61b7f1830ad7eb0fd9d4d5e24e7d47ccab5b63dbc5b3f74a3090f78ff01bd85879b4cce37d29ea54bab0728d6d82cd1acd56e1cf3af90d1d2edda700a9cf7e
SSDEEP
49152:4nCUxzKFoQqGUIIo6svzwEt4YSmGda5IKARrT/F5jgIF:4CUx3bst4Oya5I9Hv0IF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 99c283e977024cf1025e6bbcf262c550_NEIKI
Files
99c283e977024cf1025e6bbcf262c550_NEIKI.exe windows:4 windows x86 arch:x86
300d5edf516bd210836c19ab0ede9244
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetOpenUrlA
InternetGetConnectedState
InternetCloseHandle
InternetReadFile
InternetCanonicalizeUrlA
InternetOpenA
InternetGetLastResponseInfoA
FtpPutFileA
FtpSetCurrentDirectoryA
InternetConnectA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetCrackUrlA
InternetQueryOptionA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
SetEnvironmentVariableA
GetLocaleInfoW
CompareStringW
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetTickCount
FreeLibrary
LoadLibraryA
GetVersionExA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTimeFormatA
CompareStringA
GetDateFormatA
GetLocalTime
SetCurrentDirectoryA
Sleep
lstrlenA
GetFileAttributesA
lstrcatA
lstrcpyA
GetLastError
CreateDirectoryA
MoveFileA
CopyFileA
MultiByteToWideChar
GetTempPathA
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
MoveFileExA
GetFileSize
WriteProfileStringA
GetProfileStringA
SetLastError
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetDriveTypeA
HeapSize
GetACP
GetSystemTime
GetTimeZoneInformation
GetFileType
SetStdHandle
GetCommandLineA
GetStartupInfoA
ExitThread
CreateThread
HeapReAlloc
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
RaiseException
RtlUnwind
SetErrorMode
GetFileTime
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
InterlockedExchange
GetCurrentProcessId
GetCurrentThread
lstrlenW
FileTimeToLocalFileTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
SetThreadPriority
SetEvent
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
WideCharToMultiByte
GlobalGetAtomNameA
GlobalFree
SetFileAttributesA
Process32First
Process32Next
LocalAlloc
LocalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcmpA
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
InterlockedIncrement
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersion
GetLocaleInfoA
InterlockedDecrement
CreateToolhelp32Snapshot
Module32First
Module32Next
GetComputerNameA
RemoveDirectoryA
SuspendThread
ResumeThread
FormatMessageA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileInformationByHandle
FileTimeToSystemTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
SizeofResource
GlobalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
FindResourceA
GlobalAlloc
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
MulDiv
WinExec
LoadLibraryExA
GetWindowsDirectoryA
OpenFileMappingA
WaitForSingleObject
OpenMutexA
ReleaseMutex
CreateEventA
user32
CharUpperA
GetMessageA
UnpackDDElParam
ReuseDDElParam
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
SetParent
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetWindowTextA
IsDialogMessageA
GetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
SetFocus
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollPos
GetTopWindow
WinHelpA
RegisterClassA
TrackPopupMenu
GetClassLongA
GetMessageTime
GetLastActivePopup
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgGroupItem
ExitWindowsEx
MoveWindow
GetWindowTextLengthA
GetWindowRgn
GetKeyboardLayoutList
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
PostQuitMessage
BeginPaint
EndPaint
SetPropA
CallWindowProcA
GetPropA
RemovePropA
DeleteMenu
GetMenuStringA
GetMenuDefaultItem
DrawStateA
WindowFromDC
CopyAcceleratorTableA
RegisterClipboardFormatA
GetMenuItemInfoA
IsMenu
MapVirtualKeyA
InsertMenuA
LoadAcceleratorsA
LoadBitmapA
SetMenu
GetKeyboardLayoutNameA
keybd_event
CheckMenuItem
TranslateAcceleratorA
GetWindowThreadProcessId
DrawMenuBar
CloseWindow
IsIconic
DrawIcon
ModifyMenuA
UnregisterHotKey
LoadIconA
wsprintfA
IsWindowVisible
GetDoubleClickTime
InvertRect
GetMessagePos
IsClipboardFormatAvailable
IntersectRect
TranslateMessage
DispatchMessageA
DrawFrameControl
BeginDeferWindowPos
EndDeferWindowPos
AppendMenuA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
LoadMenuA
GetSubMenu
GetMenuItemCount
GetMenuItemRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetMenuItemID
GetMenuState
IsRectEmpty
ChildWindowFromPoint
SetWindowRgn
EqualRect
GetClassInfoA
DefWindowProcA
GetSystemMetrics
SystemParametersInfoA
LoadStringA
DestroyCursor
CopyIcon
DestroyIcon
CreateIconIndirect
ReleaseDC
GetIconInfo
MapDialogRect
GetDlgCtrlID
SetActiveWindow
SetCursorPos
mouse_event
GetWindow
GetClassNameA
IsWindowEnabled
ClipCursor
GetWindowDC
ShowOwnedPopups
SetWindowContextHelpId
GetAsyncKeyState
GetSysColorBrush
LockWindowUpdate
MessageBeep
CopyImage
PostThreadMessageA
BlockInput
GetActiveWindow
MessageBoxA
InflateRect
RegisterWindowMessageA
GetDCEx
GetWindowPlacement
ShowWindow
SetWindowPlacement
SetScrollPos
SetForegroundWindow
BringWindowToTop
LoadImageA
PostMessageA
FrameRect
DrawFocusRect
ValidateRect
InvalidateRect
GetWindowLongA
SetWindowLongA
EnableMenuItem
GetForegroundWindow
FindWindowA
GetWindowTextA
SendMessageTimeoutA
CreatePopupMenu
GrayStringA
DrawTextA
TabbedTextOutA
SetRect
CopyRect
PtInRect
GetKeyState
GetCapture
CharNextA
CharPrevA
OffsetRect
GetSysColor
DrawEdge
GetParent
SetRectEmpty
IsWindow
LoadCursorA
SetCursor
RedrawWindow
GetDC
FillRect
ReleaseCapture
SetTimer
UpdateWindow
CreateWindowExA
SetWindowPos
ClientToScreen
GetWindowRect
WindowFromPoint
GetClientRect
UnionRect
ScreenToClient
SetCapture
GetDesktopWindow
RegisterHotKey
GetFocus
IsChild
MenuItemFromPoint
GetCursorPos
KillTimer
GetMenu
DestroyMenu
GetSystemMenu
SendMessageA
EnableWindow
GetKeyNameTextA
gdi32
PatBlt
CreatePatternBrush
SetDIBitsToDevice
CreatePalette
CreateDIBitmap
GetTextColor
GetCurrentPositionEx
GetTextExtentPointA
SetTextAlign
GetTextAlign
SetWindowOrgEx
GetNearestColor
RoundRect
UnrealizeObject
CreateRectRgnIndirect
GetRgnBox
PtInRegion
GetClipBox
SaveDC
RestoreDC
SelectPalette
SetROP2
SetMapMode
CreateCompatibleDC
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
CreateFontA
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
GetCharWidthA
LPtoDP
CopyMetaFileA
GetCurrentObject
GetBkColor
StretchDIBits
GetPixel
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
CombineRgn
OffsetRgn
FillRgn
SelectClipRgn
FrameRgn
GetDeviceCaps
SetTextJustification
CreateFontIndirectA
SetBkMode
SetBkColor
GetTextMetricsA
CreatePen
MoveToEx
LineTo
SetTextColor
CreateBitmap
StretchBlt
CreateDIBSection
GetDIBits
SetDIBits
SetPixel
Polyline
SelectObject
DeleteDC
GetTextExtentPoint32A
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
DeleteObject
SetPixelV
Ellipse
RealizePalette
PlayEnhMetaFile
GetEnhMetaFilePaletteEntries
DeleteEnhMetaFile
SetWinMetaFileBits
GetEnhMetaFileHeader
SetEnhMetaFileBits
GetBrushOrgEx
SetBrushOrgEx
Rectangle
ScaleViewportExtEx
GetStockObject
BitBlt
CreateCompatibleBitmap
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
CommDlgExtendedError
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
GetUserNameA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
shell32
Shell_NotifyIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
comctl32
ord17
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Draw
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_Create
ImageList_DragMove
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_DragEnter
ImageList_BeginDrag
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Destroy
ImageList_LoadImageA
ImageList_DrawIndirect
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
oledlg
ord8
ole32
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
ReleaseStgMedium
CoTaskMemFree
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CLSIDFromProgID
OleRun
OleDuplicateData
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CreateILockBytesOnHGlobal
CLSIDFromString
CoRegisterMessageFilter
CoGetClassObject
CoRevokeClassObject
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
olepro32
ord253
oleaut32
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
VariantCopy
VariantClear
SysAllocString
SysFreeString
SysAllocStringByteLen
captchaservices
Free
Init
Report
RecognizeFromFile
winmm
waveOutPause
PlaySoundA
waveOutOpen
ws2_32
recv
accept
listen
WSACleanup
send
htonl
htons
socket
WSAStartup
WSAGetLastError
connect
inet_addr
ntohs
ntohl
closesocket
bind
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 372KB - Virtual size: 371KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 571KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 720KB - Virtual size: 716KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ