9c7fc619315d9aae619d7a22fecd6ab0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

9c7fc619315d9aae619d7a22fecd6ab0_NEIKI
Size

6.8MB
MD5

9c7fc619315d9aae619d7a22fecd6ab0
SHA1

986065d3155c925c6f3f06b6b9b4468edf411293
SHA256

e8139fe3f26576e63ad4e6450c19251a5054f07a83ec4ec5cd4ef00310a418c5
SHA512

97f5e33f2df253bdeddf4e95234ba732e15be5efa2f7960e9b483a706e74813f60dd31414624b1b639cba57887f050a654e16a74dd1073d08d63d57dc60296fd
SSDEEP

98304:qxz28+GlEBOtCXLUkJHabfzXbPBCMryXghYbwQS1sVfEuRSPOenTEUS6SdSTlMP:MS8ywPGbb41spEueOeTEURm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c7fc619315d9aae619d7a22fecd6ab0_NEIKI

Files

9c7fc619315d9aae619d7a22fecd6ab0_NEIKI
.exe windows:1 windows x86 arch:x86

3d5af0af67a68250a5fd5a7dbaaf50f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

cvirte

localtime
malloc
rand
sin_FLTREG_
sprintf
srand
strcmp
stricmp
strncmp
tan_FLTREG_
time
CVI__ismbblead
CVI__mbsdec
CVI__mbsinc
CVI__mbsnbcmp
CVI__mbsrchr
CVI__mbsstr
CloseCVIRTDll
InitCVIRTDll
SetEnableResourceTracking
WhichRuntimeSupportDll
_GetErrno
_GetFilesArray
__CVI_Resource_Acquire
__CVI_Resource_Release
__CanSkipDisablePatch3EK8PMIO
__CreatePtrInfoForWinMainCommandLine
__DBG_GetCurrentThreadEnv
__GetLocalThreadEnvSlot
__SetCurrentDebuggingLevel
calloc
ferror
fflush
fread
fwrite
iscntrl
isdigit
isspace
memcpy
memset
setvbuf
strcat
strcpy
strlen
strncat
strtod_FLTREG_
strtol
AddTreeImage
CVIAbsoluteTimeFromLocalCalendar
CVIAbsoluteTimeFromTimeUnit
CVIAbsoluteTimeToLocalCalendar
CVIAbsoluteTimeToTimeUnit
CVIRTDllAbnormalExit
CVI_GetFileSize
CVI_GetFileTime
CVI__mbsbtype
CVI__mbschr
CVI__mbsicmp
CVI__mbslen
CVI__mbsnbcpy
CVI__mbsnbicmp
CVI_inp
CVI_outp
CmtDiscardLock
CmtDiscardTSV
CmtDiscardThreadLocalVar
CmtGetCurrentThreadID
CmtGetLock
CmtGetTSVPtr
CmtGetThreadLocalVar
CmtNewLock
CmtNewTSV
CmtNewThreadLocalVar
CmtReleaseLock
CmtReleaseTSVPtr
CmtSetTSV
CreateMetaFont
CurrThreadId
DeleteListItem
DiscardBitmap
DiscardCtrl
EnableBreakOnLibraryErrors
Fmt
Get3dBorderColors
GetActivePanel
GetActiveTreeItem
GetAnnotationAttribute
GetBitmapData
GetBitmapInfo
GetBreakOnLibraryErrors
GetCtrlBoundingRect
GetCtrlIndex
GetCurrentPlatform
GetDateTimeElements
GetFileDate
GetFileInfo
GetFirstFile
GetImageBits
GetImageInfo
GetLabelFromIndex
GetLabelLengthFromIndex
GetMenuBarAttribute
GetMonitorAttribute
GetMonitorFromPoint
GetNextFile
GetNumListItems
GetPanelAttribute
GetRelativeMouseState
GetScaledCtrlDisplayBitmap
GetScaledPanelDisplayBitmap
GetSystemAttribute
GetTabPageAttribute
GetTableCellAttribute
GetTableCellRingValueFromIndex
GetTableCellRingValueLengthFromIndex
GetTableCellValLength
GetTableColumnAttribute
GetTableRowAttribute
GetTextDisplaySize
GetTimerTickData
GetTreeCellAttribute
GetTreeColumnAttribute
GetTreeItem
GetTreeItemAttribute
GetTreeItemNumChildren
GetTreeItemParent
GetTreeItemPath
GetTreeItemPathLength
GetUILErrorString
GetUserEvent
GetValueFromIndex
GetValueLengthFromIndex
GetWaitCursorState
InsertListItem
InsertTreeColumn
InsertTreeItem
InstallCtrlCallback
InstallPanelCallback
InstallPopup
MakeColor
MakeDateTime
MenuIsOpen
NewBitmap
NewCtrl
NewCtrlMenuItem
NewCtrlMenuSeparator
NewPanel
PointPinnedToRect
PostDeferredCallToThread
ProcessSystemEvents
PromptPopup
QueueUserEvent
RectBottom
RectContainsPoint
RectGrow
RectRight
RemovePopup
RenameFile
ReplaceListItem
SetActiveCtrl
SetActivePanel
SetActiveTreeItem
SetBreakOnLibraryErrors
SetColumnWidthToWidestCellContents
SetImageBits
SetTreeCellAttribute
SetTreeColumnAttribute
SetTreeItemAttribute
SplitPath
Timer_FLTREG_
_UPLibBreakpoint
_UPLibChkSize
_UPLibClearArgs
__DBG_SafeCall
__GetResDirPathString
abort
abs
ceil_FLTREG_
clock
fgets
floor_FLTREG_
fseek
ftell
memchr
memcmp
memmove
mktime
pow_FLTREG_
printf
realloc
remove
setlocale
sscanf
strftime
strncpy
toupper
_UP_CVI_DeleteFile
_UP_ClientTCPRead
_UP_ClientTCPWrite
_UP_CloseCom
_UP_ComRdTerm
_UP_ConnectToTCPServer
_UP_DisconnectFromTCPServer
_UP_GetActiveTableCell
_UP_GetInQLen
CmtGetLockAttribute
CmtGetTSQAttributeEx
CmtGetTSQReadPtr
CmtReleaseTSQReadPtr
_UP_GetNumTableColumns
FormatDateTimeString
GetBreakOnFirstChanceExceptions
GetBreakOnProtectionErrors
GetTCPPeerAddr
GetTCPPeerName
SetBreakOnFirstChanceExceptions
SetBreakOnProtectionErrors
ctime
strchr
_UP_GetNumTableRows
_UP_GetPanelHandleFromTabPage
_UP_GetProjectDir
_UP_GetTableCellFromPoint
_UP_LoadPanel
_UP_MakePathname
_UP_MessagePopup
_UP_OpenComConfig
_UP_PlotStripChart
_UP_ResetTextBox
_UP_acos_FLTREG_
_UP_asin_FLTREG_
_UP_atoi
_UP_fclose
_UP_fopen
_UP_localtime
_UP_memcpy
_UP_memset
_UP_sqrt_FLTREG_
_UP_strcat
_UP_strcmp
_UP_strcpy
_UP_strlen
_UP_strncmp
_UP_time
CVI_DeleteFile
ClientTCPRead
ClientTCPWrite
CloseCom
ComRdTerm
ConnectToTCPServer
DeleteTableRows
DisableBreakOnLibraryErrors
DiscardPanel
DisconnectFromTCPServer
DisplayPanel
GetActiveTableCell
GetCtrlArrayFromResourceID
GetCtrlAttribute
GetCtrlVal
GetInQLen
GetNumTableColumns
GetNumTableRows
GetPanelHandleFromTabPage
GetProjectDir
GetTableCellFromPoint
GetTableCellVal
HidePanel
InsertTableRows
LoadPanel
MakePathname
MakePoint_8STRCTEAXEDX_
MakeRect
MessagePopup
OpenComConfig
PlotStripChart
QuitUserInterface
ReportUPError
ResetTextBox
RunUserInterface
SetCtrlArrayAttribute
SetCtrlAttribute
SetCtrlIndex
SetCtrlVal
SetPanelAttribute
SetPanelPos
SetTabPageAttribute
SetTableCellAttribute
SetTableColumnAttribute
SetTableSelection
SetWaitCursor
_CopyPtrInfo
_GetParamInfo
_InitPtrInfo
_InitTynode
_PassArgCoord
_PassParamInfo
_PtrAssignPtr
_PtrBlkRValue
_PtrCast
_PtrCastStructBlk
_PtrCastToScalar
_PtrChkArith
_PtrChkAssign
_PtrChkDeref
_PtrGetRetValLoc
_PtrPostCall
_PtrPreCall
_PtrSetRetValLoc
_PtrStructMemInfoPtr
_PtrStructMemSizePtr
_ReceiveBlkInfo
_ReceivePtrInfo
_RemoveVaArgInfo
_ResetCalledFunPtr
_VaArgPassArgInfo
acos_FLTREG_
asin_FLTREG_
atan_FLTREG_
atoi
cos_FLTREG_
fclose
fopen
fprintf
free
fscanf

testdll

GetTestMsg

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
GetUserNameA
RegDeleteValueA
RegQueryValueExA

kernel32

FreeLibrary
GetCommandLineA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
SetLastError
TlsGetValue
CloseHandle
CreateMutexA
DebugBreak
GetComputerNameA
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetFileAttributesW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetSystemDirectoryA
GetUserDefaultLCID
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalMemoryStatus
InterlockedExchange
IsDebuggerPresent
LoadLibraryA
LoadLibraryW
OutputDebugStringA
ReleaseMutex
Sleep
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
ExitProcess
InitializeCriticalSection
LeaveCriticalSection
OpenMutexA
LocalAlloc
LocalFree
lstrlenA
GetCurrentProcess
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

user32

wsprintfA
CallWindowProcA
CreatePopupMenu
DefWindowProcA
DestroyIcon
DestroyMenu
GetCursorPos
GetDC
GetIconInfo
GetKeyboardType
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemInfoA
GetSysColor
GetWindowLongA
InsertMenuItemA
LoadImageA
PostMessageA
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoA
SetWindowLongA
SystemParametersInfoA
TrackPopupMenu

gdi32

DeleteDC
DeleteObject
GetDIBits

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.db_fram
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_info
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_abbv
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_line
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_pnam
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_ptyp
Size: 512B - Virtual size: 125B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_rngs
Size: 512B - Virtual size: 192B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_ref
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 700KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.db_loc
Size: 512B - Virtual size: 64B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

_data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d5af0af67a68250a5fd5a7dbaaf50f3

Headers

DLL Characteristics

File Characteristics

Imports

cvirte

testdll

advapi32

kernel32

user32

gdi32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.data Size: 130KB - Virtual size: 130KB

.db_fram Size: 3KB - Virtual size: 3KB

.db_info Size: 43KB - Virtual size: 43KB

.db_abbv Size: 3KB - Virtual size: 2KB

.db_line Size: 56KB - Virtual size: 55KB

.db_pnam Size: 6KB - Virtual size: 6KB

.db_ptyp Size: 512B - Virtual size: 125B

.db_rngs Size: 512B - Virtual size: 192B

.db_ref Size: 2KB - Virtual size: 2KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 700KB

.db_loc Size: 512B - Virtual size: 64B

.idata Size: 11KB - Virtual size: 10KB

.debug Size: 38KB - Virtual size: 37KB

_data Size: 512B - Virtual size: 10B

_text Size: 512B - Virtual size: 444B

.rsrc Size: 4.8MB - Virtual size: 4.8MB

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 130KB - Virtual size: 130KB

.db_fram
Size: 3KB - Virtual size: 3KB

.db_info
Size: 43KB - Virtual size: 43KB

.db_abbv
Size: 3KB - Virtual size: 2KB

.db_line
Size: 56KB - Virtual size: 55KB

.db_pnam
Size: 6KB - Virtual size: 6KB

.db_ptyp
Size: 512B - Virtual size: 125B

.db_rngs
Size: 512B - Virtual size: 192B

.db_ref
Size: 2KB - Virtual size: 2KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 700KB

.db_loc
Size: 512B - Virtual size: 64B

.idata
Size: 11KB - Virtual size: 10KB

.debug
Size: 38KB - Virtual size: 37KB

_data
Size: 512B - Virtual size: 10B

_text
Size: 512B - Virtual size: 444B

.rsrc
Size: 4.8MB - Virtual size: 4.8MB