daeac6d7c8dda9e83be7f080a37c8190_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

daeac6d7c8dda9e83be7f080a37c8190_NEIKI
Size

1.7MB
MD5

daeac6d7c8dda9e83be7f080a37c8190
SHA1

b2570cce752e4c4d307ec27d5f95490340e4cb50
SHA256

0558470a2aad353d5ae8e82ad66d344e6cc763ddd1c7ce53707822ef93ede6a0
SHA512

b84a26ae23ea664344d1e6851f94120e0f0569d46f4bde85f0aad1a7c5ef55b3cfab109d1ef36d4f8a4ad1b903d4fcd58eb788512ad8a4531cc1c7c6d56ba375
SSDEEP

49152:Lfxblpu6SbsDkhcYxgrdIvKQDmZj5O9gWSJw:7VGSYwGvnK5gmWS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daeac6d7c8dda9e83be7f080a37c8190_NEIKI

Files

daeac6d7c8dda9e83be7f080a37c8190_NEIKI
.dll windows:5 windows x86 arch:x86

8f3db5659edd45b9fe1d047e5a4a839c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

IsAccelerator

wininet

UnlockUrlCacheEntryFile

user32

DispatchMessageA
TrackPopupMenuEx
ReuseDDElParam
SetCursorPos
GetUpdateRgn

gdi32

GetWorldTransform
CreateMetaFileW
DeleteMetaFile
ScaleWindowExtEx
GetClipBox
GetArcDirection

urlmon

CoInternetSetFeatureEnabled

advapi32

RemoveUsersFromEncryptedFile
CryptDestroyHash
QueryUsersOnEncryptedFile

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetExitCodeProcess
TerminateProcess
WaitForSingleObjectEx
GetModuleHandleA
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetBinaryTypeA
OutputDebugStringA
GetHandleInformation
GetTapeStatus
GlobalAlloc
GetFileInformationByHandle
DosDateTimeToFileTime
GetCommMask
SetConsoleCursorInfo
ContinueDebugEvent
GetOEMCP
Thread32First
SetCommTimeouts
LocalUnlock
FindClose
RtlUnwind

Exports

Exports

KeugemhrtefHnslr

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

G
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt1
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PACK
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f3db5659edd45b9fe1d047e5a4a839c

Headers

DLL Characteristics

File Characteristics

Imports

ole32

wininet

user32

gdi32

urlmon

advapi32

kernel32

Exports

Exports

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 16KB - Virtual size: 18KB

G Size: 100KB - Virtual size: 98KB

.crt1 Size: 80KB - Virtual size: 78KB

PACK Size: 112KB - Virtual size: 110KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 16KB - Virtual size: 18KB

G
Size: 100KB - Virtual size: 98KB

.crt1
Size: 80KB - Virtual size: 78KB

PACK
Size: 112KB - Virtual size: 110KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 9KB