0aad8e352523907666b04cf92027ede0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

0aad8e352523907666b04cf92027ede0_NEIKI
Size

3.2MB
MD5

0aad8e352523907666b04cf92027ede0
SHA1

90bf25547f1d9c2741c3313cf08fd7ec93905a91
SHA256

876748ccfa713b6e929e91346fd1602955fc57f699c45dfc02121840ab23aaf4
SHA512

1ed25603318ef6cd01105514aae4c554cd8f9ec9b28ceb376adb24b52d884892710f1cbc9c1748cea168c4b53a1b663f95997105e5d2a9d9c3f8ba85ae0a7983
SSDEEP

98304:LnFcDJliSAW9QvgdnULQvskq+n1EC4c+7VH1k0iJbm5:TZW98MnULQvs/rdcj02S5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aad8e352523907666b04cf92027ede0_NEIKI

Files

0aad8e352523907666b04cf92027ede0_NEIKI
.exe windows:5 windows x86 arch:x86

8df97d0c75803192c37693beebe3f9bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameW

user32

ReleaseDC
DestroyMenu
ChangeDisplaySettingsW
UnregisterClassW
DestroyWindow
CreateWindowExW
RegisterClassW
SetFocus
SetForegroundWindow
GetClientRect
EnumDisplayDevicesA
GetParent
SetWindowLongW
SetPropW
GetDlgItem
FindWindowExW
EnableWindow
GetDC
DrawMenuBar
DefWindowProcW
CallWindowProcW
EndDialog
SendMessageW
SetWindowPos
AdjustWindowRect
GetWindowLongW
ShowWindow
ToAsciiEx
MapVirtualKeyExW
ToAscii
GetKeyboardLayout
PostMessageW
SetCursorPos
ClientToScreen
ShowCursor
SetCursor
LoadCursorW
GetDoubleClickTime
GetSystemMetrics
CloseClipboard
GetClipboardData
TrackPopupMenu
CheckMenuRadioItem
SetMenuItemInfoA
EnableMenuItem
RemoveMenu
InsertMenuItemA
CreatePopupMenu
LoadIconW
GetMenuItemCount
GetMenuItemInfoA
GetForegroundWindow
GetWindowThreadProcessId
TranslateMessage
DispatchMessageW
SendInput
CreateMenu
SetMenu
OpenClipboard
IsMenu
MsgWaitForMultipleObjects
SetWindowTextW
PeekMessageW
GetDesktopWindow
SystemParametersInfoW
SetCapture
ReleaseCapture
MapVirtualKeyW
ToUnicode
ClipCursor
GetWindowRect
GetCursorPos
GetKeyState
MessageBoxW
WaitForInputIdle
EnumDisplaySettingsW
PostQuitMessage
AnimateWindow
GetKeyboardLayoutNameW
GetKeyboardLayoutList
LoadKeyboardLayoutW
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
GetPropW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

gdi32

GetStockObject
GetDeviceCaps
SetBkColor
SetTextColor
GetGlyphOutlineW
GetTextExtentPoint32W
SelectObject
GetTextMetricsW
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SetPixelFormat
SetDeviceGammaRamp
GetDeviceGammaRamp
CreateFontW

winmm

mciGetErrorStringA
mciSendCommandW
auxGetVolume
mixerGetControlDetailsW
auxSetVolume
mixerSetControlDetails
auxGetDevCapsW
auxGetNumDevs
mixerClose
mixerGetLineControlsW
mixerGetLineInfoW
mixerOpen
mixerGetNumDevs

wsock32

htons
WSACancelAsyncRequest
closesocket
recvfrom
socket
accept
gethostbyname
ioctlsocket
WSAAsyncGetHostByName
WSAStartup
WSAAsyncSelect
recv
send
inet_ntoa
setsockopt
bind
listen
connect
sendto
WSACleanup
htonl
ntohs
WSAGetLastError

imm32

ImmGetContext
ImmAssociateContext
ImmReleaseContext

shell32

SHGetSpecialFolderPathA
ShellExecuteExA

shlwapi

PathIsDirectoryW
PathAddExtensionW
PathFindExtensionA
PathIsDirectoryA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

kernel32

InterlockedDecrement
InterlockedIncrement
HeapSetInformation
GetCommandLineA
CreateThread
ResumeThread
ExitThread
GetSystemTimeAsFileTime
DeleteFileA
MoveFileA
GetFileType
HeapFree
HeapReAlloc
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
RtlUnwind
SetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
InterlockedExchange
CompareStringA
GetCurrentThreadId
ReleaseMutex
GetCurrentProcess
SetProcessAffinityMask
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcessId
TerminateProcess
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
ReleaseSemaphore
GetLogicalDriveStringsA
GetDriveTypeA
OutputDebugStringA
ExitProcess
DebugBreak
GlobalAlloc
GlobalLock
GlobalUnlock
CloseHandle
RemoveDirectoryA
GetTempPathA
FindNextFileA
FindFirstFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
HeapSize
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetHandleCount
HeapCreate
GetConsoleCP
GetConsoleMode
GetOEMCP
SetStdHandle
GetTimeZoneInformation
GetModuleFileNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindClose
ReadFile
GetLastError
GetFileSize
SetFilePointer
GetACP
WaitForSingleObject
FreeLibrary
Sleep
GetTickCount
AllocConsole
GetStdHandle
GetNumberOfConsoleInputEvents
WriteFile
FlushFileBuffers
LoadLibraryA
SetEnvironmentVariableA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 664KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8df97d0c75803192c37693beebe3f9bd

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

user32

advapi32

gdi32

winmm

wsock32

imm32

shell32

shlwapi

ole32

kernel32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 664KB - Virtual size: 664KB

.data Size: 1.0MB - Virtual size: 1.6MB

.rsrc Size: 97KB - Virtual size: 96KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 664KB - Virtual size: 664KB

.data
Size: 1.0MB - Virtual size: 1.6MB

.rsrc
Size: 97KB - Virtual size: 96KB