139721f49f12175c8192ec96d4996e90_NEIKI

General

Target

139721f49f12175c8192ec96d4996e90_NEIKI
Size

104KB
MD5

139721f49f12175c8192ec96d4996e90
SHA1

e0ad8af315cecf48f63f218757b2455ef05d9496
SHA256

15284a1438deda025c81415e453574cbfe83db5f391d4c277242eb089b1d00fd
SHA512

7ccdc7ba91dccb855f86ea029d2dc07f08f8b3b09d4f0e97e886ae4687eabe6c2b9f548409111293752e815a17a2d558037a11f7bbab3671bc55bfecb25a7bb7
SSDEEP

1536:kEPcHXETbO7/ETeeedexsw1niVkLhVJkMrzduYGTriY7ZIt/6DYXTUHU/uOA:kOcH84vzggVkFVeMrzKRiZ6D8T83

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
139721f49f12175c8192ec96d4996e90_NEIKI
unpack001/out.upx

Files

139721f49f12175c8192ec96d4996e90_NEIKI
.dll windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

Add_AlbumGain
Read_Metadata
Write_Metadata
opus_decode
opus_decode_float
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_decoder_get_nb_samples
opus_decoder_get_size
opus_decoder_init
opus_get_version_string
opus_multistream_decode
opus_multistream_decode_float
opus_multistream_decoder_create
opus_multistream_decoder_ctl
opus_multistream_decoder_destroy
opus_multistream_decoder_get_size
opus_multistream_decoder_init
opus_packet_get_bandwidth
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_nb_samples
opus_packet_get_samples_per_frame
opus_packet_parse
opus_pcm_soft_clip
opus_strerror

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 96KB

UPX1 Size: 95KB - Virtual size: 96KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 104B

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 604B

UPX0
Size: - Virtual size: 96KB

UPX1
Size: 95KB - Virtual size: 96KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 104B

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 604B