6b476cc86e06916c9dab2b06f35c0ee0_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

6b476cc86e06916c9dab2b06f35c0ee0_NEIKI
Size

521KB
MD5

6b476cc86e06916c9dab2b06f35c0ee0
SHA1

e37820242a7bf08020daaeaaa98427353e617b16
SHA256

27de001b59c11394e3023ad6248ebff5c68fbe2505a564a0a1cdc33f67ec70f9
SHA512

cbe43a9af759c1875982a99fba8b155a679eb0ded183908824013e039528b190b61ab0e5d463513f61489c5d7407fbcedcdc397b5413e9818444fc86827eb1dc
SSDEEP

6144:mXhPR+63HB1LfkGB1usvJR3djOuY0yKzOI23CBdfNJ/9+Fip:WhPRzrJRdOeyuOI2alz+4p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b476cc86e06916c9dab2b06f35c0ee0_NEIKI

Files

6b476cc86e06916c9dab2b06f35c0ee0_NEIKI
.exe windows:5 windows x86 arch:x86

6857349330c49d8ee8045221e850d95b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExA

kernel32

SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetProcAddress
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
MulDiv
lstrlenW
GetVersionExA
CreateFileW
WriteFile
GetModuleHandleW
Sleep
GetFileSize
GlobalAlloc
ReadFile
lstrcpyW
CloseHandle
GlobalFree
lstrcatW

gdi32

CreateFontIndirectW
GetDeviceCaps
SaveDC
Ellipse
GetTextExtentPoint32W
GetPixel
ExcludeClipRect
RestoreDC
CreateCompatibleBitmap
GdiFlush
CreateSolidBrush
GetStockObject
GetBkMode
GetTextColor
SetBkMode
SetTextColor
SetPixel
MoveToEx
LineTo
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC

user32

GetWindowRect
GetParent
EndDialog
PeekMessageW
EnableMenuItem
InvalidateRect
DialogBoxParamW
LoadStringW
MessageBoxW
ReleaseDC
GetDC
SetCapture
GetWindowPlacement
IsIconic
IsZoomed
DrawMenuBar
DrawTextW
SetRect
FrameRect
FillRect
OffsetRect
InvertRect
IntersectRect
ReleaseCapture
UpdateWindow
PostMessageW
PtInRect
GetSubMenu
GetDesktopWindow
MoveWindow
DefWindowProcW
GetForegroundWindow
ShowWindow
GetSystemMetrics
PostQuitMessage
EndPaint
BeginPaint
DestroyWindow
WaitMessage
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
CreateWindowExW
RegisterClassW
LoadCursorW
LoadIconW
MessageBoxA
LoadStringA
SetDlgItemTextW
GetDlgItem
WinHelpW
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
GetDlgItemTextW
UnionRect
SendMessageW
SetTimer
LoadBitmapW
wsprintfW
GetClientRect
GetMenu

shell32

SHGetSpecialFolderPathW

winmm

timeGetTime
PlaySoundW

comctl32

InitCommonControlsEx

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 459KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6857349330c49d8ee8045221e850d95b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shell32

winmm

comctl32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 2KB - Virtual size: 9KB

.rsrc Size: 459KB - Virtual size: 459KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 2KB - Virtual size: 9KB

.rsrc
Size: 459KB - Virtual size: 459KB