d6b11b22c2b8797e654ff0511d6f97e0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

d6b11b22c2b8797e654ff0511d6f97e0_NEIKI
Size

182KB
MD5

d6b11b22c2b8797e654ff0511d6f97e0
SHA1

a65c0c035abde7493bb96748d46ece102cabcc52
SHA256

9e13128fac4bd5635f6393b30d3c5cbfec60ca2aa8c7f93e01bc60d5ea5e658e
SHA512

a4de2cfa561c380fc67e874ec595f3118ae98f19c3c4883c92883c271712f627a70fab76957dc1a534b6c5c56c05e7186760c14a553eaa50f86db31f473d6d2b
SSDEEP

3072:rb0SHHztEO3bBeoPbtUkHInkRkVQOK+KPESNWRez2lQBV+UdE+rECWp7hK7hk:f0pEb46SOIiOK+gBV+UdvrEFp7hK7hk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6b11b22c2b8797e654ff0511d6f97e0_NEIKI

Files

d6b11b22c2b8797e654ff0511d6f97e0_NEIKI
.dll windows:5 windows x86 arch:x86

2f1ef1e0496d2a2a731512ab8bbc1d9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Josh\Desktop\Emulation\OwnaClient_v18\kailleraclient.pdb

Imports

ws2_32

WSAGetLastError
connect
send
recv
shutdown
closesocket
select
__WSAFDIsSet
WSACleanup
WSAStartup
recvfrom
sendto
inet_addr
gethostbyname
htons
socket
htonl
bind
ioctlsocket
getsockname
ntohs
getsockopt
setsockopt

comctl32

InitCommonControlsEx

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
QueryPerformanceCounter
GetCurrentThreadId
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThread
SwitchToThread
GetExitCodeThread
TerminateThread
CreateThread
WritePrivateProfileStringA
GetCurrentProcessId
GetLocalTime
_lwrite
OpenFile
CreateDirectoryA
_lclose
Sleep
_lread
GetFileSize
FindClose
GetLastError
FindNextFileA
FindFirstFileA
DeleteFileA
FreeLibrary
LoadLibraryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetSystemTimeAsFileTime

user32

EnableWindow
TrackPopupMenu
CreatePopupMenu
KillTimer
GetCursorPos
InsertMenuItemA
AppendMenuA
FlashWindowEx
SetScrollRange
GetWindowRect
GetScrollRange
MessageBeep
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetDlgItemInt
SetTimer
SetDlgItemTextA
GetDlgItemInt
SetFocus
SetWindowPos
InvalidateRect
GetWindowTextA
ShowWindow
GetWindowTextLengthA
SetWindowTextA
EndDialog
GetDlgItem
MessageBoxA
DispatchMessageA
PeekMessageA
TranslateMessage
wsprintfA
SendMessageA
DialogBoxParamA

advapi32

GetUserNameA

shell32

ShellExecuteA

msvcr90

_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_vsnprintf_s
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
strstr
_vsnprintf
strncmp
_snprintf
sprintf_s
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler3
strtok
atoi
vsprintf
realloc
strncat
memcpy
strncpy
malloc
free
memset
printf
sprintf
vprintf
_time64
_localtime64
__clean_type_info_names_internal
_malloc_crt

Exports

Exports

_kailleraChatSend@4
_kailleraEndGame@0
_kailleraGetVersion@4
_kailleraInit@0
_kailleraModifyPlayValues@8
_kailleraSelectServerDialog@4
_kailleraSetInfos@4
_kailleraShutdown@0
z00_With
z01_stupidity
z02_even
z03_the
z04_gods
z05_contend
z06_in
z07_vain

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f1ef1e0496d2a2a731512ab8bbc1d9b

Headers

File Characteristics

PDB Paths

Imports

ws2_32

comctl32

kernel32

user32

advapi32

shell32

msvcr90

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 53KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 53KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 7KB