99e3031e3f8ddb3b4575c203e6970400_NEIKI

General

Target

99e3031e3f8ddb3b4575c203e6970400_NEIKI
Size

52KB
MD5

99e3031e3f8ddb3b4575c203e6970400
SHA1

99d36a7ba13ed49aa35133fe01ee0912d6a336ce
SHA256

03ad93f7de7a62179630f5816f104cc58086bba20d7f9cfa538f74c1f3053db3
SHA512

2262634b49e735b3350b670f677114eea4868a3f4c87a9c828e1d8d1a36cd1e137459fa8c9560bec76d78c85f59631bb725602d9c3e52ba5a72e85f22fbad274
SSDEEP

768:XXNxQiUY9G226yplGCGBx+AsUWnuAyA1aBLRv1vIm3KDgKF:XXRUY9G22Xwx/yUwylp1gfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99e3031e3f8ddb3b4575c203e6970400_NEIKI

Files

99e3031e3f8ddb3b4575c203e6970400_NEIKI
.dll windows:4 windows x86 arch:x86

dec7cc609b6928a29991a51628137108

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetCommandLineA
GetVersionExA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
DisableThreadLibraryCalls
WriteFile
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
HeapSize
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetStdHandle
FlushFileBuffers
CloseHandle

Exports

Exports

Tkimgps_Init
Tkimgps_Safe_Init

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dec7cc609b6928a29991a51628137108

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 2KB