344498c246b711822e4fdefacc2957c0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

344498c246b711822e4fdefacc2957c0_NEIKI
Size

698KB
MD5

344498c246b711822e4fdefacc2957c0
SHA1

6f56e7fb60015af818926eabe46893a91360956f
SHA256

3c0cdc926b914727ce514eee5399b4c9cf35a52ddc1b3ef5859ee5a1fe1529b0
SHA512

44e5071348b3e3ca3b341fb4fe2cd8ec2ef098afcddf3a3641a1fe3aab83c377977deebc4a97e43a389c18685c23da4d23885c8176906088fa533cd366726347
SSDEEP

12288:F49LXMEXeyNKkSFnFgn4MCig4URW5MlCEpbGvLAgrr7VFJBS82Sbof:FqrMHkS5Fgn4MCig4AW2tOAgrr7VFJBt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
344498c246b711822e4fdefacc2957c0_NEIKI

Files

344498c246b711822e4fdefacc2957c0_NEIKI
.exe windows:6 windows x64 arch:x64

4ee66195ef5fa0f57cdff87826de7688

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\user1\vanitygen-plusplus\oclvanitygen++.pdb

Imports

libcrypto-3-x64

EVP_CIPHER_get_block_size
EVP_PKEY2PKCS8
BIO_new_mem_buf
EC_KEY_dup
EC_POINT_hex2point
EVP_CIPHER_get_key_length
EVP_CIPHER_CTX_set_padding
BN_num_bits
EVP_read_pw_string
BN_bn2hex
EVP_PKCS82PKEY
PEM_read_bio_PKCS8_PRIV_KEY_INFO
PEM_write_bio_PKCS8_PRIV_KEY_INFO
PEM_write_bio_PKCS8
EC_GROUP_cmp
BIO_free
RAND_bytes
HMAC
PEM_read_bio_PKCS8
EVP_PKEY_free
BIO_s_mem
EVP_CIPHER_CTX_new
EVP_aes_256_cbc
EVP_CipherUpdate
BIO_new
BIO_ctrl
EVP_PKEY_get1_EC_KEY
EVP_PKEY_new
PKCS5_PBKDF2_HMAC
EVP_CipherFinal
EVP_CipherInit
PKCS8_decrypt
EVP_sha256
PKCS8_PRIV_KEY_INFO_free
PKCS8_encrypt
X509_SIG_free
EVP_PKEY_set1_EC_KEY
EVP_CIPHER_CTX_free
EVP_CIPHER_get_iv_length
BN_lshift
BN_value_one
BN_copy
EC_KEY_precompute_mult
BN_clear
BN_free
EC_KEY_check_key
BN_exp
CRYPTO_free
BN_set_bit
BN_div
i2d_ECPrivateKey
RIPEMD160
EC_POINT_point2oct
BN_add
SHA256
EC_KEY_copy
i2o_ECPublicKey
BN_bn2dec
EC_KEY_new_by_curve_name
BN_mul
EVP_md5
EVP_DigestFinal_ex
EVP_DigestUpdate
EVP_DigestInit_ex
EVP_MD_CTX_free
EVP_MD_CTX_new
EC_KEY_generate_key
EC_KEY_set_public_key
EC_KEY_get0_public_key
EC_KEY_set_private_key
EC_KEY_get0_private_key
EC_POINT_mul
EC_POINTs_make_affine
EC_POINT_make_affine
EC_POINT_add
EC_POINT_copy
EC_POINT_free
EC_POINT_new
EC_GROUP_get_order
EC_GROUP_get0_generator
BN_MONT_CTX_set
BN_MONT_CTX_free
BN_to_montgomery
BN_MONT_CTX_new
BN_mod_inverse
BN_dup
BN_cmp
BN_get_word
BN_set_word
BN_sub
BN_bn2lebinpad
BN_lebin2bn
BN_bn2bin
BN_bin2bn
BN_clear_free
BN_new
BN_CTX_free
BN_CTX_new
BN_is_zero
RAND_load_file
EC_KEY_get0_group
EC_KEY_free
OPENSSL_cleanse

pthreadvc2

pthread_cond_broadcast
pthread_self
pthread_equal
pthread_cond_signal
pthread_win32_process_attach_np
pthread_cond_destroy
pthread_cond_init
pthread_mutex_unlock
pthread_mutex_lock
pthread_mutex_destroy
pthread_mutex_init
pthread_join
pthread_create
pthread_cond_wait

pcre

pcre_compile
pcre_free
pcre_exec
pcre_study

opencl

clReleaseContext
clCreateCommandQueue
clEnqueueNDRangeKernel
clEnqueueUnmapMemObject
clEnqueueMapBuffer
clEnqueueWriteBuffer
clReleaseEvent
clWaitForEvents
clSetKernelArg
clReleaseKernel
clCreateKernel
clGetProgramBuildInfo
clGetProgramInfo
clBuildProgram
clReleaseProgram
clCreateProgramWithBinary
clCreateProgramWithSource
clReleaseMemObject
clRetainMemObject
clCreateBuffer
clReleaseCommandQueue
clCreateContext
clGetDeviceInfo
clGetDeviceIDs
clGetPlatformInfo
clGetPlatformIDs

kernel32

RtlUnwind
GetFileSizeEx
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetConsoleCtrlHandler
OutputDebugStringW
GetCurrentThread
CloseHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapFree
HeapAlloc
GetCommandLineW
GetCommandLineA
WriteFile
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetStdHandle
RtlPcToFileHeader
RaiseException
EncodePointer
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
GetProcAddress
GetLastError
GetModuleHandleA
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
GetProcessHeap
DeleteFileW
CreateFileW
HeapSize
SetEndOfFile
SetFilePointerEx

Sections

.text
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ee66195ef5fa0f57cdff87826de7688

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libcrypto-3-x64

pthreadvc2

pcre

opencl

kernel32

Sections

.text Size: 527KB - Virtual size: 526KB

.rdata Size: 137KB - Virtual size: 137KB

.data Size: 3KB - Virtual size: 11KB

.pdata Size: 26KB - Virtual size: 25KB

_RDATA Size: 512B - Virtual size: 348B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 527KB - Virtual size: 526KB

.rdata
Size: 137KB - Virtual size: 137KB

.data
Size: 3KB - Virtual size: 11KB

.pdata
Size: 26KB - Virtual size: 25KB

_RDATA
Size: 512B - Virtual size: 348B

.reloc
Size: 2KB - Virtual size: 2KB