fdae66492058c3613af20b86931e4ce0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

fdae66492058c3613af20b86931e4ce0_NEIKI
Size

576KB
MD5

fdae66492058c3613af20b86931e4ce0
SHA1

5c81636a6b106e26d8e0977559021a90280c8652
SHA256

d49dea8facfaa1aaa614ca8aff6418290c6dc1403efa0773d5d44b087e804b75
SHA512

4d86e613458d63d47d29f1575830724c29b75817c8b8bceb88e2df7c2f9cde50e16a80d6acab60ee8cc9660ca8c0e0adba867e04d1b594d07a4328ad142b351a
SSDEEP

6144:GiLe0m+yZIU/KzXXfwjUUAgr2zvfRgMzj7dKfFLPTX/D/QHj+mTX:GiLe0qZ8GOgiJgMzj7dKNLLvDYHSm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdae66492058c3613af20b86931e4ce0_NEIKI

Files

fdae66492058c3613af20b86931e4ce0_NEIKI
.exe windows:4 windows x86 arch:x86

0852004e301d89177deb739300f7c8f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetFileSize
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetModuleFileNameA
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
FindClose
FindNextFileA
SystemTimeToTzSpecificLocalTime
FindFirstFileA
SystemTimeToFileTime
DeleteFileA
SetFileAttributesA
GetFileAttributesA
GetPrivateProfileStringA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
SetLastError
lstrcpyA
lstrcmpA
GetModuleHandleA
OutputDebugStringA
DebugBreak
FlushFileBuffers
SetStdHandle
LoadLibraryA
SetFilePointer
MulDiv
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentDirectoryA
GetStringTypeW
GetStringTypeA
GetProcAddress
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetFullPathNameA
CreateDirectoryA
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
LocalFree
InterlockedExchange
WideCharToMultiByte
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
LockResource
lstrlenW
GlobalAlloc
GlobalHandle
GlobalFree
FreeResource
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
CreateMutexA
GetLastError
CloseHandle
GetLocalTime
lstrcmpiA
CreateThread
MultiByteToWideChar
CopyFileA
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrlenA
InterlockedDecrement
LCMapStringW
Sleep

user32

PtInRect
EndPaint
IsChild
GetFocus
GetClassNameA
GetDesktopWindow
CreateAcceleratorTableA
InvalidateRgn
BeginPaint
DefWindowProcA
DestroyCursor
InvalidateRect
GetSysColor
LoadImageA
RedrawWindow
IsWindow
GetIconInfo
SendMessageA
ReleaseCapture
WindowFromPoint
ClientToScreen
SetCapture
CharLowerA
wsprintfA
CharNextA
wvsprintfA
LoadBitmapA
RegisterWindowMessageA
GetClassInfoExA
RegisterClassExA
CreateDialogIndirectParamA
GetSystemMetrics
MoveWindow
PostQuitMessage
IsWindowVisible
IsDialogMessageA
CreateDialogParamA
LoadCursorA
SetRectEmpty
GetCapture
GetParent
GetActiveWindow
CallWindowProcA
DestroyWindow
SetDlgItemTextA
MessageBeep
SetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetWindow
SystemParametersInfoA
MapWindowPoints
SetWindowPos
EnumChildWindows
CreatePopupMenu
AppendMenuA
IsMenu
TrackPopupMenu
DestroyMenu
MessageBoxA
SetWindowTextA
DestroyIcon
LoadIconA
EnableWindow
EndDialog
DialogBoxParamA
GetDlgItem
ShowWindow
CreateWindowExA
FillRect
GetWindowLongA
SetWindowLongA
LoadStringA
FrameRect
InflateRect
GetWindowTextLengthA
GetWindowTextA
DrawTextA
DrawFocusRect
DrawStateA
CopyRect
OffsetRect
GetDC
GetClientRect
GetWindowRect
ReleaseDC
SetCursor
GetDlgCtrlID
PeekMessageA
GetCursorPos
ScreenToClient
IsWindowEnabled

gdi32

CreateCompatibleDC
Rectangle
GetStockObject
SetTextColor
SetBkColor
LineTo
MoveToEx
CreatePen
CreateSolidBrush
SetBkMode
GetDeviceCaps
CreateFontA
DeleteObject
DeleteDC
SelectObject
BitBlt
CreateFontIndirectA
CreateCompatibleBitmap
GetObjectA
ExtTextOutA

advapi32

GetUserNameA
RegOpenKeyA
RegQueryInfoKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHFileOperationA
SHGetFileInfoA
ShellExecuteA
ShellExecuteExA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString

oleaut32

SysFreeString
VariantClear
VariantChangeType
SysAllocStringLen
SysStringLen
SysAllocString
VariantCopy
LoadRegTypeLi
OleCreateFontIndirect
GetErrorInfo

comctl32

ImageList_Create
ImageList_ReplaceIcon
ImageList_AddMasked
InitCommonControlsEx
_TrackMouseEvent

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0852004e301d89177deb739300f7c8f4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

Sections

.text Size: 244KB - Virtual size: 240KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 284KB - Virtual size: 282KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 284KB - Virtual size: 282KB