d8d647b3e6758d79bc316705a189e1a0_NEIKI

General

Target

d8d647b3e6758d79bc316705a189e1a0_NEIKI
Size

48KB
MD5

d8d647b3e6758d79bc316705a189e1a0
SHA1

f3ea74c7cffbdd8be38178d04a3c57b10337b9a7
SHA256

b2696bc4507e95583396cf54d48f2dd9f5e3ef42b0e2aa0d6b68f3bbb53be4d9
SHA512

fde7f5fc9860961e5013782c32df36348bfc9c956275f8234756094645cd51864b72f98abd297b0d0e76807198341ce95202ce4d2a7ea45d950db74f3e785bcb
SSDEEP

768:XCNCKcabTVxYeoMor1aXGTrSgNMh+/8o9fj:SpcgTVxYdZFrRuhpo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8d647b3e6758d79bc316705a189e1a0_NEIKI

Files

d8d647b3e6758d79bc316705a189e1a0_NEIKI
.dll windows:4 windows x86 arch:x86

e47c1267214f0274d5a09ebfab78172a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

windos95

ord28
ord29
ord41
ord78
ord4
ord35
ord3
ord16
ord42
ord33
ord61
ord34

scsi95

ord151
ord153
ord46
ord48
ord51
ord107
ord45
ord52
ord144
ord139

kernel32

WideCharToMultiByte
FreeEnvironmentStringsW
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
LoadLibraryA
GetProcAddress
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
HeapReAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc

Exports

Exports

getinitdata
getptr

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47c1267214f0274d5a09ebfab78172a

Headers

File Characteristics

Imports

windos95

scsi95

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 3KB