d605a9457ef5436e821e583aa7d851a0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

d605a9457ef5436e821e583aa7d851a0_NEIKI
Size

323KB
MD5

d605a9457ef5436e821e583aa7d851a0
SHA1

150081a6a4d7f789fcce97d0a5e769dd9a6eb8f0
SHA256

6cec02da9760e25e3e8cd63cbeb219599bb696872b1e5722a58ef9c496c7a782
SHA512

4baea97131d7ee9cb9f66a2aa727cd3e257b734da309157254abe786002558f6fb6147839694c0d323dacad30dc75c765cd09300094af06014e10fcb958138b3
SSDEEP

6144:OiN9kVWT3aCmlhszsCQTf1DUTiIz8NOPJYYxW/XOPEqAhl+SYb:Ok9kVAOd75UGxOPJYhCIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d605a9457ef5436e821e583aa7d851a0_NEIKI

Files

d605a9457ef5436e821e583aa7d851a0_NEIKI
.exe windows:4 windows x86 arch:x86

2f1c86ae6f41c04e05fe606587786e41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx

kernel32

FormatMessageA
SetEndOfFile
GetPrivateProfileIntA
CreateProcessA
DeviceIoControl
GetTempPathA
Sleep
GetFileAttributesA
GetVersionExA
DeleteFileA
lstrcmpA
MulDiv
GetProfileStringA
FatalAppExitA
WaitForSingleObject
ReleaseSemaphore
CreateSemaphoreA
CloseHandle
GlobalSize
GlobalHandle
ReadFile
GlobalReAlloc
GetModuleFileNameA
GetDiskFreeSpaceA
GetLastError
CreateFileA
SetFilePointer
GlobalAlloc
HeapReAlloc
SetEnvironmentVariableA
GetTimeZoneInformation
LoadLibraryA
GetLocaleInfoA
WriteFile
TlsGetValue
RtlUnwind
TlsAlloc
SetLastError
GetCurrentThreadId
GetFileType
TlsSetValue
SetHandleCount
GetOEMCP
GetStdHandle
GetCPInfo
GetEnvironmentStringsW
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
LCMapStringA
WideCharToMultiByte
GlobalLock
LCMapStringW
GetStringTypeW
VirtualAlloc
VirtualFree
GlobalMemoryStatus
MultiByteToWideChar
GetStringTypeA
HeapDestroy
GetProcAddress
HeapCreate
ExitProcess
GetVersion
RaiseException
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
FileTimeToSystemTime
FindClose
FileTimeToLocalFileTime
FindFirstFileA
InterlockedIncrement
FindNextFileA
HeapAlloc
HeapFree
InterlockedDecrement
GlobalFree
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CompareStringW
GlobalUnlock
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
CompareStringA

user32

RegisterClassA
CheckDlgButton
SetScrollRange
SetFocus
GetDlgItem
ShowScrollBar
GetClientRect
SetWindowLongA
GetParent
CharNextA
DialogBoxParamA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
MessageBoxA
LoadStringA
GetWindowLongA
IsDlgButtonChecked
GetDlgItemTextA
GetWindowRect
SetWindowPos
IsWindowVisible
IntersectRect
IsWindow
GetSystemMetrics
EnableWindow
wsprintfA
ShowWindow
DispatchMessageA
CheckRadioButton
IsWindowEnabled
SendMessageA
TranslateMessage
GetMessageA
UpdateWindow
LoadCursorA
LoadIconA
PostMessageA
EnableMenuItem
CheckMenuItem
DestroyWindow
GetMenu
CreateWindowExA
PeekMessageA
CreateDialogParamA
LoadBitmapA
DefWindowProcA
PostQuitMessage
InvalidateRect
BeginPaint
EndPaint
DrawEdge
ScreenToClient
GetCursorPos
GetDlgItemInt
SetCursor
IsIconic
OpenClipboard
SetDlgItemInt
SetClipboardData
ScrollWindow
EmptyClipboard
CloseClipboard
GetDC
MessageBeep
SetWindowTextA
SetScrollPos

gdi32

SetDIBitsToDevice
MoveToEx
SetMapMode
CreatePalette
SetViewportExtEx
DeleteObject
SetStretchBltMode
GetPaletteEntries
SelectPalette
StretchDIBits
RealizePalette
BitBlt
CreateBitmap
DeleteDC
CreateSolidBrush
PatBlt
CreateCompatibleDC
GetDeviceCaps
SetBkColor
SelectObject
GetDIBits
Polygon
GetStockObject
CreatePen
RestoreDC
LineTo
SetTextColor
SetBkMode
ExtTextOutA
SetROP2
GetTextExtentPoint32A
Rectangle
SetTextAlign
SaveDC
GetObjectA
CreateDCA
AbortDoc
EndDoc
SetAbortProc
StartDocA
CreateRectRgn
SelectClipRgn
GetViewportExtEx
CreateFontIndirectA
SetWindowExtEx
StartPage
EndPage
GetWindowExtEx
CreateDIBSection
GdiFlush
SetDIBits
CreateDIBitmap

winspool.drv

GetPrinterA
GetPrinterDriverA
SetPrinterA
DeviceCapabilitiesA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

CommDlgExtendedError
PrintDlgA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

msvfw32

DrawDibSetPalette
DrawDibDraw
DrawDibOpen
DrawDibBegin
DrawDibGetPalette
DrawDibEnd
DrawDibClose
DrawDibRealize

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f1c86ae6f41c04e05fe606587786e41

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

msvfw32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 19KB - Virtual size: 30KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 19KB - Virtual size: 30KB

.rsrc
Size: 31KB - Virtual size: 31KB