7e771919870f030099c46278a2c18300_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

7e771919870f030099c46278a2c18300_NEIKI
Size

4.4MB
MD5

7e771919870f030099c46278a2c18300
SHA1

672794e12a8f740f584eda8fd6d4af48707da232
SHA256

d723de26f4821fd20f1b889f96abbaf3e41c436e63e3dd35499de0a461462389
SHA512

be3e0880bd7c1370f767586c884e61b811bf5bfa5ab53df9f45c9196332773da68ba9825da26c1a69b6d6d901c7f0abbc341de87643a48257376a98a508b1f7d
SSDEEP

98304:P70+66YELCydHWUUN8MwLT7vWoHLuE3DPj+Kv1dmzTRafh00r3X/uJVP3WTeozYz:lzLCydHWUS8MwLeaLbDPITRafh04X/hu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e771919870f030099c46278a2c18300_NEIKI

Files

7e771919870f030099c46278a2c18300_NEIKI
.exe windows:4 windows x86 arch:x86

d93b1c2100775f534f693423d7865c25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

SymFromAddr

imagehlp

StackWalk
SymCleanup
SymFunctionTableAccess
SymGetModuleBase
SymInitialize

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
EnterCriticalSection
FlushFileBuffers
FreeLibrary
GetCommandLineA
GetCommandLineW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
MultiByteToWideChar
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__getmainargs
__initenv
__lconv_init
__mb_cur_max
__p__acmdln
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_assert
_atoi64
_beginthreadex
_cexit
_endthreadex
_errno
_filelengthi64
_fileno
_findclose
_initterm
_iob
_lock
_onexit
_sopen
_unlock
_vscprintf
_vsnprintf
abort
atan
atoi
atol
bsearch
calloc
clock
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
fsetpos
ftell
fwrite
getc
isalnum
isalpha
islower
isprint
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
localtime
gmtime
_mkdir
qsort
raise
rand
realloc
remove
setlocale
signal
srand
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strrchr
strspn
strstr
strtok
strtol
strtoul
tan
tolower
toupper
ungetc
vfprintf
time
_stricmp
_strnicmp
wcslen
_findnext
_findfirst
_write
_tell
_strnicmp
_strdup
_read
_lseek
_getcwd
_filelength
_close
_access

shell32

CommandLineToArgvW

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ws2_32

WSACleanup
WSAGetLastError
WSARecvFrom
WSASendTo
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getsockname
getsockopt
htonl
htons
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
select
setsockopt
shutdown
socket

sdl2

SDL_CondWaitTimeout
SDL_CreateCond
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateThread
SDL_CreateWindow
SDL_DestroyCond
SDL_DestroyMutex
SDL_FillRect
SDL_FreeSurface
SDL_GetClosestDisplayMode
SDL_GetDesktopDisplayMode
SDL_GetDisplayBounds
SDL_GetError
SDL_GetKeyboardFocus
SDL_GetMouseFocus
SDL_GetMouseState
SDL_GetNumVideoDisplays
SDL_GetWindowDisplayIndex
SDL_GetWindowFlags
SDL_GetWindowSurface
SDL_Init
SDL_LockMutex
SDL_LockSurface
SDL_PollEvent
SDL_Quit
SDL_RWFromFile
SDL_SaveBMP_RW
SDL_SetColorKey
SDL_SetMainReady
SDL_SetPaletteColors
SDL_SetRelativeMouseMode
SDL_SetWindowBordered
SDL_SetWindowDisplayMode
SDL_SetWindowFullscreen
SDL_SetWindowPosition
SDL_SetWindowSize
SDL_ShowCursor
SDL_ShowMessageBox
SDL_ShowSimpleMessageBox
SDL_UnlockMutex
SDL_UnlockSurface
SDL_UpdateWindowSurface
SDL_UpperBlit
SDL_WaitThread
SDL_WarpMouseInWindow
SDL_free
SDL_getenv
SDL_iconv_string
SDL_memcpy
SDL_strlen
SDL_wcslen

sdl2_image

IMG_SavePNG

sdl2_mixer

Mix_CloseAudio
Mix_FadeOutMusic
Mix_FreeChunk
Mix_FreeMusic
Mix_GetMusicArtistTag
Mix_GetMusicCopyrightTag
Mix_GetMusicTitle
Mix_HaltChannel
Mix_HaltMusic
Mix_Init
Mix_LoadMUS
Mix_LoadWAV
Mix_OpenAudio
Mix_PauseMusic
Mix_PlayChannel
Mix_PlayMusic
Mix_Playing
Mix_PlayingMusic
Mix_QuerySpec
Mix_Quit
Mix_ReserveChannels
Mix_ResumeMusic
Mix_VolumeChunk
Mix_VolumeMusic

sdl2_net

SDLNet_AddSocket
SDLNet_AllocSocketSet
SDLNet_CheckSockets
SDLNet_DelSocket
SDLNet_FreeSocketSet
SDLNet_Init
SDLNet_Quit
SDLNet_ResolveHost
SDLNet_TCP_Accept
SDLNet_TCP_Close
SDLNet_TCP_Open
SDLNet_TCP_Recv
SDLNet_TCP_Send

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 322KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 67.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 502KB - Virtual size: 501KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d93b1c2100775f534f693423d7865c25

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

imagehlp

kernel32

msvcrt

shell32

winmm

ws2_32

sdl2

sdl2_image

sdl2_mixer

sdl2_net

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.data Size: 80KB - Virtual size: 80KB

.rdata Size: 354KB - Virtual size: 354KB

/4 Size: 322KB - Virtual size: 322KB

.bss Size: - Virtual size: 67.1MB

.idata Size: 8KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 114KB - Virtual size: 114KB

/14 Size: 2KB - Virtual size: 2KB

/29 Size: 502KB - Virtual size: 501KB

/41 Size: 33KB - Virtual size: 32KB

/55 Size: 83KB - Virtual size: 82KB

/67 Size: 8KB - Virtual size: 8KB

/80 Size: 6KB - Virtual size: 5KB

/91 Size: 109KB - Virtual size: 109KB

/102 Size: 3KB - Virtual size: 3KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 80KB - Virtual size: 80KB

.rdata
Size: 354KB - Virtual size: 354KB

/4
Size: 322KB - Virtual size: 322KB

.bss
Size: - Virtual size: 67.1MB

.idata
Size: 8KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 114KB - Virtual size: 114KB

/14
Size: 2KB - Virtual size: 2KB

/29
Size: 502KB - Virtual size: 501KB

/41
Size: 33KB - Virtual size: 32KB

/55
Size: 83KB - Virtual size: 82KB

/67
Size: 8KB - Virtual size: 8KB

/80
Size: 6KB - Virtual size: 5KB

/91
Size: 109KB - Virtual size: 109KB

/102
Size: 3KB - Virtual size: 3KB