18597edad5142828a584d6801e0ad880_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

18597edad5142828a584d6801e0ad880_NEIKI
Size

741KB
MD5

18597edad5142828a584d6801e0ad880
SHA1

291c51df3e2f1586e8afd458016d60f27fd1b73f
SHA256

c52fbe1f17bfdfad9e8fb1ffd0d577a5ef153d0b4a51db9f65a5ba606a891f66
SHA512

42e18035039bbd63b9af372c6fea87426c53a0080247f0ba79cdf09008e70a9c698efe5cf8a7839a471471ee96b768d3c2d082aa7115fdf321b6522ef5d8da12
SSDEEP

12288:b0I2YzbbdkLqbiTqmX2DHuf414D4hZQNHDLqSvkBz9EQAQ9fpXQwUVRmmmmmmmm9:wI2YHbdk0EGT+wGESvsEQA+ERmmmmmmO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18597edad5142828a584d6801e0ad880_NEIKI

Files

18597edad5142828a584d6801e0ad880_NEIKI
.exe windows:5 windows x86 arch:x86

ff2c523bf790eb5a1a9efa01a81414ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\DELIVER\master\uty\isetup\Release\ISETUP.pdb

Imports

kernel32

HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
RtlUnwind
InitializeCriticalSectionAndSpinCount
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetLocaleInfoW
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
FlushFileBuffers
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
SetEnvironmentVariableW
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEndOfFile
GetPrivateProfileIntA
GetEnvironmentVariableA
LoadLibraryA
GetProcAddress
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
CreateDirectoryA
GetFileAttributesA
CopyFileA
GetCommandLineA
SetErrorMode
WritePrivateProfileStringA
GetLastError
GetPrivateProfileStringA
Sleep
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetLogicalDriveStringsA
ExpandEnvironmentStringsA
GetCurrentProcessId
CloseHandle
ReadFile
GetFileSize
CreateFileA
VirtualFree
VirtualAlloc
SetFileAttributesA
GetStartupInfoA
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
RaiseException
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetProcessHeap

user32

CreateWindowExA
SetActiveWindow
GetMenu
ModifyMenuA
GetSubMenu
GetSystemMenu
EnableMenuItem
PostMessageA
DefWindowProcA
ShowCursor
DestroyWindow
wsprintfA
SetCursor
CopyRect
InflateRect
FrameRect
DrawFocusRect
SendDlgItemMessageW
CreateDialogParamA
LoadIconA
LoadCursorA
RegisterClassA
FindWindowA
IsIconic
SetForegroundWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
LoadImageA
ReleaseDC
EnableWindow
SetDlgItemInt
CheckDlgButton
ClientToScreen
ScreenToClient
BeginPaint
GetDlgItemInt
IsDlgButtonChecked
GetDlgCtrlID
InvalidateRect
UpdateWindow
DialogBoxParamA
GetDlgItemTextA
SendDlgItemMessageA
MessageBeep
MessageBoxA
ShowWindow
GetSystemMetrics
GetWindowRect
SetWindowPos
GetDC
GetClientRect
IsWindowEnabled
EndPaint
GetSysColor
FillRect
SendMessageA
LoadBitmapA
SetWindowTextA
GetDlgItem
SetDlgItemTextA
SetFocus
EndDialog
CheckRadioButton

gdi32

CreateFontA
GetCurrentObject
CreateDIBSection
GetStockObject
EnumFontFamiliesA
SaveDC
RestoreDC
PolyPolyline
CreatePen
CreateSolidBrush
Rectangle
GetTextExtentPoint32A
SetBkMode
SetTextColor
TextOutA
CreateCompatibleDC
GetObjectA
SelectObject
CreateCompatibleBitmap
BitBlt
DeleteDC
DeleteObject

comdlg32

GetOpenFileNameA
ChooseColorA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ord16
ord17

Sections

.text
Size: 574KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 17.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff2c523bf790eb5a1a9efa01a81414ca

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

Sections

.text Size: 574KB - Virtual size: 573KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 86KB - Virtual size: 17.8MB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 574KB - Virtual size: 573KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 86KB - Virtual size: 17.8MB

.rsrc
Size: 64KB - Virtual size: 63KB