c6728c1292c67405aa76675ad77b7790_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

c6728c1292c67405aa76675ad77b7790_NEIKI
Size

113KB
MD5

c6728c1292c67405aa76675ad77b7790
SHA1

d8df414385ef34fd527da8fe344ee937aa0a40c4
SHA256

7b340e77d28c0dee31f68940ffaf4818f238c8670ca54636613003cc6f0c883b
SHA512

c32c2c28cc1f3d6dd99ae5a03dbe3b091e008cdb4c3769671028b3085f6b40aaea99cd9d4135c15eb8d094ce02aa529a5cd79c368b671624471567fdf2dc10ac
SSDEEP

1536:Nd14L6my1g09KKhnJdIh3EAUnaD/fD/hlOrTsk2:n14G3b9KKhcOAUnYznOsk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6728c1292c67405aa76675ad77b7790_NEIKI

Files

c6728c1292c67405aa76675ad77b7790_NEIKI
.exe windows:5 windows x86 arch:x86

24f70d99752965634bb916d95c8cf944

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\lbbetty\Downloads\9030 Test_WZ\9030 Test_WZ\Debug\9030 Test.pdb

Imports

dfjzh9030dll

ReadIOBit_9030
WriteIoBit_9030
SetAxisStartVel_9030
CeaseAxis_9030
SetAxisStopVel_9030
Set_IO_Pos_9030
Enable_IO_Pos_9030
SetActiveEncoder_9030
SetAxisFE_9030
CancelAxisFEG_9030
UnlockFlash_9030
ReadFlashChar_9030
WriteFlashChar_9030
LockFlash_9030
UpDateFlash_9030
GoHome_9030
HomeEncode_9030
DAOut_9030
PwmStop_9030
PwmOut_9030
LM_Pause_9030
LM_Resume_9030
AbortAxis_9030
LM_ArcCW_9030
SetAxisMotorOnOff_9030
LM_SetXAxis_9030
LM_SetYAxis_9030
LM_SetZAxis_9030
LM_SetWAxis_9030
LM_SetACCDec_9030
LM_CleanBuff_9030
LM_GetXStartPos_9030
LM_GetYStartPos_9030
LM_GetZStartPos_9030
LM_GetWStartPos_9030
LM_Line_9030
LM_End_9030
LM_Start_9030
SetAxisStopDec_9030
StopAxis_9030
ReadAxisPos_9030
ReadAxisVel_9030
ReadAxisEncodePos_9030
LM_GetState_9030
LM_GetLineNO_9030
LM_GetBuffLen_9030
ReadEncoderPos_9030
ReadAxisState_9030
GetErrorNo_9030
ReadIO_9030
WriteIo_9030
Home_9030
HomeFB_9030
SetAxisIO_9030
SetAxisAcc_9030
SetAxisDec_9030
StartAxisVel_9030
SetAxisVel_9030
SetAxisPos_9030
StartAxis_9030
InitCard_9030
SetAxisWorkMode_9030
SetAxisOutMode_9030

mfc90d

ord3539
ord3557
ord3569
ord3546
ord3562
ord3567
ord3550
ord3552
ord3554
ord3548
ord3564
ord3541
ord1226
ord1222
ord1224
ord1220
ord1215
ord7596
ord7598
ord8803
ord2306
ord6445
ord6972
ord5166
ord1903
ord3243
ord7547
ord6335
ord9296
ord7377
ord2699
ord7492
ord6404
ord2035
ord5950
ord2335
ord2338
ord8715
ord4634
ord2251
ord2252
ord2408
ord2409
ord7160
ord6986
ord6365
ord7523
ord2675
ord2672
ord2563
ord2847
ord9251
ord8434
ord9007
ord8380
ord3993
ord8951
ord1560
ord8573
ord6773
ord7001
ord869
ord2940
ord3748
ord8218
ord5034
ord598
ord5953
ord699
ord1131
ord3998
ord322
ord3876
ord7251
ord6050
ord1407
ord8475
ord3462
ord911
ord2128
ord964
ord8100
ord4404
ord7774
ord7413
ord670
ord3559
ord3254
ord3241
ord2210
ord9300
ord5704
ord9298
ord5043
ord7256
ord8667
ord4470
ord1971
ord7516
ord2780
ord2383
ord2382
ord2305
ord7544
ord4329
ord6669
ord6424
ord3031
ord1772
ord4873
ord406
ord355
ord1475
ord6102
ord5454
ord721
ord750
ord2861
ord926
ord946
ord6124
ord6081
ord9299
ord5703
ord9297
ord6495
ord2904
ord2859
ord8123
ord5712
ord1386
ord7419
ord9228
ord7822
ord5746
ord2714
ord4451
ord7580
ord7582
ord3335
ord5954
ord6761
ord7592
ord7557
ord8106
ord3791
ord4105
ord4301
ord6476
ord4082
ord4304
ord3794
ord3981
ord3783
ord5563
ord5564
ord5554
ord3979
ord5957
ord6664
ord6423
ord3138
ord1860
ord8241
ord5026
ord687
ord6729
ord5496
ord939
ord3544
ord1666
ord1405
ord1502

msvcr90d

_CrtDbgReportW
_initterm
_initterm_e
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
_controlfp_s
_invoke_watson
_CrtSetCheckCount
_acmdln
_ismbblead
exit
_cexit
_XcptFilter
_exit
__getmainargs
_amsg_exit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_CRT_RTC_INITW
??_V@YAXPAX@Z
fopen
fprintf
atof
atoi
_setmbcp
fclose
__CxxFrameHandler3

kernel32

InterlockedCompareExchange
FreeLibrary
MulDiv
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadLibraryA
GetProcAddress
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
DebugBreak
RaiseException
IsDebuggerPresent
GetStartupInfoA
VirtualQuery
InterlockedExchange
Sleep

user32

IsRectEmpty
SetRect
InflateRect
OffsetRect
SetRectEmpty
CopyRect
PtInRect
GetSystemMetrics
IntersectRect
UnionRect
EqualRect
SubtractRect

oleaut32

SysFreeString

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24f70d99752965634bb916d95c8cf944

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dfjzh9030dll

mfc90d

msvcr90d

kernel32

user32

oleaut32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 1024B - Virtual size: 13KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 14KB - Virtual size: 14KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 1024B - Virtual size: 13KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 14KB - Virtual size: 14KB