3b6d143cd51af9db45156d245cf531e0_NEIKI

General

Target

3b6d143cd51af9db45156d245cf531e0_NEIKI
Size

115KB
MD5

3b6d143cd51af9db45156d245cf531e0
SHA1

64c578d40a0cbcc5797d929710e7fe726edee381
SHA256

a112a77f6db50b15302e85d06e3dc89aebac1cb921378aceab925368db4fc501
SHA512

d05e2e21bd2b2f1d4aec57c208cd1fd0133703a679094b13c6d3b83badfb4ca7031581a9fa2234c6d1c547d18b198612e17735f76ae35ad092fb3ac10f7989e5
SSDEEP

3072:pCTQHjsdsdvjM2hWj6KBbd3t3dU/ud8ddjV3jK8dUdpkd2d2jmAMdgkdvWmjFDLt:pCTQKPWMF3N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6d143cd51af9db45156d245cf531e0_NEIKI

Files

3b6d143cd51af9db45156d245cf531e0_NEIKI
.dll windows:4 windows x86 arch:x86

a51e4f345cab3e523f7f8ca6663dd483

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

carclw60

CARC__EnterInstance
CARC__ExitInstance
CARC__CallUnderflowError
GOL$83
GOL$C3
GOL$COPYFILL
GOL$A8
GOL$85
CARC__GetDynamicCallAddress
GOL$COPYDATA
GOL$58
GOL$V3_TABLE
GOL$UNPK6
GOL$UNPK10
GOL$UNPK7
CARC__CancelDynamicInstance
GOL$A3
GOL$33
GOL$S3
GOL$55
GOL$53
GOL$FILLDATA
GOL$59
GOL$C0
GOL$C0P
CARC__LocateDelimiterInString
CARC__Inspect
GOL$S8
CARC__AcceptDate
CARC__AcceptFromTime
GOL$D5
CARC__FreeFormatDisplay
GOL$95
CARC__StopRun
_CARC__LibraryMain@12

wsmsru32

_wsms_init@4
_wsms_cleanup@4
_wsms_msg@4
_wsms_message@8
_wsms_set_num_rtlen@8
_wsms_get_num_rtlen@8
_wsms_set_symbols@8
_wmsg_box@12
_wmsg_box_timeout@16
_sms_set_env@4
_wsms_setcursortype@4
sms_yield

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RCLID_TE
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RCLEP_DA
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a51e4f345cab3e523f7f8ca6663dd483

Headers

File Characteristics

Imports

carclw60

wsmsru32

Sections

.text Size: 104KB - Virtual size: 104KB

RCLID_TE Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 260B

RCLEP_DA Size: 512B - Virtual size: 104B

.rsrc Size: 1024B - Virtual size: 856B

.reloc Size: 1024B - Virtual size: 590B

.text
Size: 104KB - Virtual size: 104KB

RCLID_TE
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 260B

RCLEP_DA
Size: 512B - Virtual size: 104B

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 1024B - Virtual size: 590B