7e75c3250a1950ccda638f29e10dcac0_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

7e75c3250a1950ccda638f29e10dcac0_NEIKI
Size

338KB
MD5

7e75c3250a1950ccda638f29e10dcac0
SHA1

15ca5953fada8bcf74b7f9766f2befc33b77ab39
SHA256

84e2c91b629545c28820377dd12d644ba7e00fd3af475367aa0b64633d92f55a
SHA512

e020ff908d0e39e3d3e2e04f6055b8dae769697ff568db6e34aa13ba9a2085d8524c385a917a4eb163d67cf173ea8b461a7b8421e248609fc8b0d09f6c15ca8a
SSDEEP

6144:bxnH8sglvx+DZO7KrRVYGUiP29kXgk3ZpwjHPRYDl:b1H83GZw8136HPRq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e75c3250a1950ccda638f29e10dcac0_NEIKI

Files

7e75c3250a1950ccda638f29e10dcac0_NEIKI
.dll windows:4 windows x86 arch:x86

46e83d2359b58d7bef1f4f7086e61647

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA

kernel32

CloseHandle
CreateFileA
CreateMutexA
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
FindResourceA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStrings
GetExitCodeThread
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
RaiseException
ReadFile
ReleaseMutex
RtlUnwind
SetConsoleCtrlHandler
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile

gdi32

CreateDIBPatternBrush
CreateSolidBrush
DeleteObject
ExtTextOutA
GetDeviceCaps
GetStockObject
GetSystemPaletteEntries
GetTextExtentPointA
LineTo
MoveToEx
OffsetViewportOrgEx
PatBlt
ResetDCA
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
TextOutA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CheckMenuItem
ClientToScreen
CloseClipboard
CreateMenu
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyMenu
DestroyWindow
DispatchMessageA
DrawIcon
DrawMenuBar
DrawTextA
EnableMenuItem
EnableWindow
EndPaint
EnumThreadWindows
FrameRect
GetActiveWindow
GetClassInfoA
GetClassNameA
GetClientRect
GetCursorPos
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetParent
GetScrollInfo
GetSubMenu
GetSysColor
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
GrayStringA
InvalidateRect
IsChild
IsDialogMessageA
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsZoomed
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
MessageBoxA
MessageBoxExA
ModifyMenuA
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollWindow
SendMessageA
SetCapture
SetCursor
SetFocus
SetMenu
SetParent
SetScrollInfo
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
ShowScrollBar
ShowWindow
TabbedTextOutA
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UnregisterClassA
UpdateWindow
WaitMessage
wsprintfA
GetSystemMenu

dsc_rdr32

@F2$qpxct1
@F3$qpcip8std@FILE
@F4$qp8std@FILE
@F6$qp8std@FILE
@F7$qpvuiuip8std@FILE
@F5$qp8std@FILEli

Exports

Exports

_SD_DLL_CC
_SD_DLL_Entry
_SD_DLL_EventGesendet
_SD_DLL_EventToSend
_SD_DLL_Exit
_SD_DLL_GetData
_SD_DLL_GetEvent
_SD_DLL_GetEventParameter
_SD_DLL_GetVersion
_SD_DLL_Init
_SD_DLL_PutData
_SD_DLL_RecCmd
_SD_DLL_SendINIString
___CPPdebugHook

Sections

.text
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46e83d2359b58d7bef1f4f7086e61647

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

dsc_rdr32

Exports

Exports

Sections

.text Size: 261KB - Virtual size: 264KB

.data Size: 52KB - Virtual size: 72KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 261KB - Virtual size: 264KB

.data
Size: 52KB - Virtual size: 72KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 16KB