8082ed81c29142f7c53df2b2ac790720_NEIKI

General

Target

8082ed81c29142f7c53df2b2ac790720_NEIKI
Size

152KB
MD5

8082ed81c29142f7c53df2b2ac790720
SHA1

dbb06368141a4af8704437202fb85f709b13473c
SHA256

faa9673c8522d1813aac457c70e24928d33fb1ed9178390b040d0503de818a84
SHA512

563a504da833c1089c28382cd52788e7307e7bf35dc128924c856ccd46123da178f8375dbb99233bae39dae21101e61b4e240f24e8994d32a813953313054eb9
SSDEEP

3072:Z8QAIrlsxvp0irgHISyxBhN98zA/YYUaJ43U8dX3b1RhI:mJptSyN6Awtv7nb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8082ed81c29142f7c53df2b2ac790720_NEIKI

Files

8082ed81c29142f7c53df2b2ac790720_NEIKI
.exe windows:4 windows x86 arch:x86

528d639af231180746954d2ad4d4aa0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetTickCount
CloseHandle
VirtualFreeEx
GetModuleFileNameA
CreateFileA
ReadFile
GetFileSize
SetSystemTime
GetCurrentThreadId
CopyFileA
ResumeThread
GetStartupInfoA
GetVersion
LoadLibraryA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetModuleHandleA
GetCommandLineA
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

PostThreadMessageA
GetMessageA
GetInputState

shell32

SHGetSpecialFolderPathA

shlwapi

SHSetValueA
SHDeleteValueA
SHGetValueA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

528d639af231180746954d2ad4d4aa0b

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 116KB - Virtual size: 113KB

.rsrc Size: 4KB - Virtual size: 960B

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 116KB - Virtual size: 113KB

.rsrc
Size: 4KB - Virtual size: 960B