1d592b896870c960fee3cdf356b28e70_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

1d592b896870c960fee3cdf356b28e70_NEIKI
Size

4.9MB
MD5

1d592b896870c960fee3cdf356b28e70
SHA1

d8ee8012862b39131082d11f40514bc56b522d5c
SHA256

6ba7523d6cbfab4451b84260251c051365206d4e52523af95177b93365b897d7
SHA512

99be0308e1e38e1510c367fb69e649d3fd1ccf48029b96b4a45b7ada0e0b7958e37aa2d03fff7c29d5dceb4201bf5a68e0ba03a795ca57b8d3ce0591de780d95
SSDEEP

98304:k2PRzkb+U/P96QPs1qYFLCtoZKC9FMHr5lkHxgyZ3bPiOMLgimhqdhhz:FRzkb+U/P96QPsdF+to8uQ5lWi4zm9mq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d592b896870c960fee3cdf356b28e70_NEIKI

Files

1d592b896870c960fee3cdf356b28e70_NEIKI
.dll windows:5 windows x86 arch:x86

1626bd89cb1df46e1da7b429c83016b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetThreadContext
SetThreadContext
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetTickCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetVersionExW
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
MultiByteToWideChar
WideCharToMultiByte
FindClose
FindFirstFileA
FindNextFileA
GetFileAttributesA
GetSystemTime
GetVolumeInformationA
DeleteFileA
AreFileApisANSI
LocalFree
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
CreateFileW
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
HeapDestroy
FormatMessageW
LoadLibraryW
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
OutputDebugStringW
WaitForSingleObjectEx
LockFile
UnlockFile
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
TryEnterCriticalSection
GetModuleHandleA
DeviceIoControl
FindNextFileW
FindFirstFileW
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
SetEnvironmentVariableA
CreateDirectoryW
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
GetFileType
GetModuleHandleW
GetStartupInfoW
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameW
GetStdHandle
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetCommandLineA
GetTimeZoneInformation
LoadLibraryExW
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
RtlUnwind
RaiseException
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetThreadPriority
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
Sleep
CreateEventA
WaitForSingleObject
SetEvent
GetLastError
SetLastError
DuplicateHandle
HeapCompact
CloseHandle

gdiplus

GdipDrawRectangle
GdipDrawEllipse
GdipDrawPolygon
GdipDrawPath
GdipFillRectangle
GdipFillPolygon
GdipFillEllipse
GdipDrawImageRectRectI
GdipSetClipRect
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetEmHeight
GdipGetCellDescent
GdipGetCellAscent
GdipMeasureString
GdipDrawString
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipDeleteFont
GdipCreateFont
GdipGetLineSpacing
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashOffset
GdipSetPenDashStyle
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLinePresetBlend
GdipCreateLineBrush
GdipSetSolidFillColor
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipSetMatrixElements
GdipDeleteMatrix
GdipCreateMatrix2
GdipCreateMatrix
GdipIsVisiblePathPoint
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipFillPath

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW

ole32

DoDragDrop
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
GetHGlobalFromStream
CreateStreamOnHGlobal
OleUninitialize
OleInitialize

gdi32

ChoosePixelFormat
CreateFontIndirectW
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
GetRegionData
SetBkColor
SetPixelFormat
SetTextColor
CreateDIBSection
SwapBuffers
CreateCompatibleDC

user32

GetClientRect
GetWindowLongW
GetWindowInfo
SetWindowLongW
GetWindowTextLengthW
MapWindowPoints
LoadCursorW
SetClassLongW
GetWindowTextW
SetWindowTextW
InvalidateRect
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetMenuItemInfoW
SetMenuInfo
TrackPopupMenu
AppendMenuW
DestroyMenu
CreatePopupMenu
EnableWindow
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
GetKeyState
GetFocus
DispatchMessageW
PeekMessageW
SetWindowPos
GetSystemMetrics
GetWindowRect
GetParent
GetClassNameW
wsprintfW
TrackMouseEvent
SendMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
UnregisterClassW
CreateWindowExW
DestroyWindow
SetFocus
GetCursorPos

opengl32

wglMakeCurrent
wglGetCurrentContext
wglDeleteContext
wglCreateContext

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 617KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ctors
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dtors
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1626bd89cb1df46e1da7b429c83016b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdiplus

comdlg32

shell32

ole32

gdi32

user32

opengl32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 617KB - Virtual size: 616KB

.data Size: 90KB - Virtual size: 110KB

.ctors Size: 512B - Virtual size: 4B

.dtors Size: 512B - Virtual size: 4B

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.reloc Size: 106KB - Virtual size: 106KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 617KB - Virtual size: 616KB

.data
Size: 90KB - Virtual size: 110KB

.ctors
Size: 512B - Virtual size: 4B

.dtors
Size: 512B - Virtual size: 4B

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

.reloc
Size: 106KB - Virtual size: 106KB