07d78749506bb06b1b2925ba85d117f0_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

07d78749506bb06b1b2925ba85d117f0_NEIKI
Size

364KB
MD5

07d78749506bb06b1b2925ba85d117f0
SHA1

494cd06fd5cc8bf8d8233d9bf83bf07f0552bfcd
SHA256

954b8e0235a34ce2d93b35f0b4b497ad6a810a2c0e88b02c081bd898a44c1f5d
SHA512

21e1bec648814798c9eed6fa004b9d46c18f8aad3320e15052eff58ebdcd4303caf16131915e4415197e96649bf0f5f453c40c372a4701135aa44ef8e7574e7c
SSDEEP

6144:PDXuq9+qwNeY+QN11srgLdWNFk1AZayPqjC5vhEnAKknCFD:Pzx+qrnQN11srg4BQWbEnrD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d78749506bb06b1b2925ba85d117f0_NEIKI

Files

07d78749506bb06b1b2925ba85d117f0_NEIKI
.exe windows:4 windows x86 arch:x86

a6831ff01822c1d69c9c8dc1f5739ab5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
CopyFileA
SetFileAttributesA
GetPrivateProfileIntA
InterlockedExchange
GetModuleFileNameA
FindFirstFileA
FindClose
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
SetEndOfFile
LCMapStringW
LCMapStringA
CreateFileA
FlushFileBuffers
GetFileAttributesA
Sleep
VirtualAlloc
GetStringTypeW
GetStringTypeA
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
CreateProcessA
GetExitCodeProcess
CloseHandle
GetFullPathNameA
GetWindowsDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetVersion
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
SetEvent
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
CreateEventA
InitializeCriticalSection
FreeLibrary
LoadLibraryA
GetProcAddress
MultiByteToWideChar
CreateThread
GlobalFree
LocalAlloc
SetErrorMode
LocalFree
DeleteFileA
FindNextFileA
GetLocalTime
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
ResumeThread
TlsSetValue
ExitThread
WriteFile
GetCPInfo
GetACP
GetOEMCP
ReadFile
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
SetStdHandle
GetFileType
SetFilePointer
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetDriveTypeA

user32

DialogBoxParamA
SetTimer
GetWindowLongA
GetActiveWindow
GetAsyncKeyState
GetSystemMetrics
PostQuitMessage
WinHelpA
GetDC
ReleaseDC
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
SetWindowTextA
ShowWindow
UpdateWindow
GetWindowRect
AdjustWindowRect
MoveWindow
InvalidateRect
EndPaint
BeginPaint
FillRect
SetWindowPos
DefWindowProcA
TranslateMessage
DispatchMessageA
PeekMessageA
GetMessageA
GetWindowTextA
SetForegroundWindow
GetClientRect
ScreenToClient
GetCursorPos
WINNLSEnableIME
GetKeyState
keybd_event
ChangeDisplaySettingsA
IsZoomed
IsIconic
SendMessageA
SystemParametersInfoA
DestroyWindow
ValidateRect
GetClassNameA
EnumWindows
GetDlgItemTextA
GetWindow
KillTimer
SendDlgItemMessageA
IsDlgButtonChecked
GetDlgItem
EnableWindow
CheckMenuItem
SetMenu
DestroyMenu
CreateMenu
AppendMenuA
DrawMenuBar
ScrollWindow
GetMenu
EnableMenuItem
PostMessageA
EndDialog
SetDlgItemTextA

gdi32

StretchDIBits
DeleteObject
CreateDIBSection
CreateCompatibleDC
SelectObject
SetBkMode
SetBkColor
SetTextColor
GetDeviceCaps
SetDIBColorTable
ExtTextOutA
CreateFontIndirectA
GetStockObject
DeleteDC
SetTextAlign

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

ShellExecuteExA

winmm

timeGetTime
waveOutGetNumDevs
waveOutRestart
timeEndPeriod
timeKillEvent
timeSetEvent
timeBeginPeriod
timeGetDevCaps
mciSendCommandA
joyGetPos
mixerSetControlDetails
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetControlDetailsA
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveOutWrite
waveOutPrepareHeader
waveOutOpen
midiOutGetNumDevs

msvfw32

MCIWndCreateA

imm32

ImmGetConversionStatus
ImmGetContext
ImmSetConversionStatus
ImmSetOpenStatus
ImmGetOpenStatus
ImmReleaseContext

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegFlushKey
RegCreateKeyExA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 232KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 547KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6831ff01822c1d69c9c8dc1f5739ab5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

winmm

msvfw32

imm32

advapi32

ole32

Sections

.text Size: 232KB - Virtual size: 230KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 96KB - Virtual size: 547KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 232KB - Virtual size: 230KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 96KB - Virtual size: 547KB

.rsrc
Size: 16KB - Virtual size: 15KB