a5d32118ac80460e56f35de7e00f2830_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

a5d32118ac80460e56f35de7e00f2830_NEIKI
Size

561KB
MD5

a5d32118ac80460e56f35de7e00f2830
SHA1

65500402632b124786f8b6ae6955b5d6ddf12748
SHA256

a5f7540cc9e71ecb51fcb80e109c51de6a5b94ca0c05308b4738b6c0f7965f95
SHA512

cf70c8fc0a31261ede9c7bd72213ed7c243c1f6522ad41a7a4fdb352b98f9c9796865bb3ef2d7e2a0a1d2144b8780617170a5ec7ae5f7d440bca99f46111f588
SSDEEP

6144:qhltAO3F0zF9FKeMt8Ca1lgG78Mvm/P1vBtiq3Mj6VeA9VzXs3RDqevTIyRB5/QO:f2CFKeMZajlKpnu6d7rs3c5O4rX5Qd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5d32118ac80460e56f35de7e00f2830_NEIKI

Files

a5d32118ac80460e56f35de7e00f2830_NEIKI
.exe windows:4 windows x86 arch:x86

4ddaa3cc1af5b9120bb0d808a37b4a72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetProcessVersion
DuplicateHandle
GetCurrentProcess
MulDiv
GlobalFlags
GetPrivateProfileIntA
lstrcmpiA
FindClose
FindFirstFileA
GetVolumeInformationA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
LockFile
UnlockFile
LocalFileTimeToFileTime
MoveFileA
GetModuleFileNameA
SetErrorMode
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetTimeZoneInformation
GetSystemTime
HeapFree
ExitProcess
TerminateProcess
GetFileSize
SystemTimeToFileTime
GetOEMCP
HeapReAlloc
GetVersion
LocalReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr
lstrcpyA
GetUserDefaultLCID
WriteProfileStringA
GetPrivateProfileStringA
WritePrivateProfileStringA
UnmapViewOfFile
CloseHandle
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
GetProcAddress
LoadLibraryA
TlsSetValue
TlsGetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
GlobalGetAtomNameA
GlobalAddAtomA
lstrcatA
HeapSize
ReleaseMutex
CompareStringA
FreeLibrary
CreateMutexA
WideCharToMultiByte
GetLocalTime
MultiByteToWideChar
InterlockedIncrement
lstrlenA
InterlockedDecrement
WaitForSingleObject
GetCurrentThread
GlobalAlloc
GlobalDeleteAtom
GlobalUnlock
GetCurrentThreadId
GlobalLock
FindResourceA
GlobalFree
LockResource
SetLastError
LoadResource
lstrcpynA
ReadFile
SleepEx
WriteFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
GetLastError
DeleteFileA
CreateFileA
SetUnhandledExceptionFilter
GlobalMemoryStatus
GetCPInfo
GetACP
lstrcmpA

user32

CopyRect
DeferWindowPos
EqualRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
UpdateWindow
LoadIconA
IsDialogMessageA
SetWindowTextA
ShowWindow
InvalidateRect
IsIconic
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
GetDesktopWindow
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
LoadStringA
ReleaseDC
GetDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
ClientToScreen
InsertMenuA
DeleteMenu
GetMenuStringA
LoadCursorA
DestroyIcon
GetTopWindow
BeginDeferWindowPos
GetClientRect
WinHelpA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
UnhookWindowsHookEx
SetPropA
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
GetWindowLongA
SetWindowLongA
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetMessageQueue
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
GetNextDlgTabItem
EndDialog
IsWindowEnabled
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
EndDeferWindowPos
ScreenToClient
GetCapture
IsChild
GetMenu
DestroyWindow
GetParent
wsprintfA
CharLowerBuffA
CharUpperBuffA
RegisterWindowMessageA
SendMessageA
PostMessageA
EnableWindow
FindWindowA
GetClassInfoA
DefWindowProcA
GetMenuCheckMarkDimensions
CharUpperA
SetWindowPos
WindowFromPoint
UnregisterClassA

gdi32

SetTextColor
GetDeviceCaps
GetStockObject
GetObjectA
SelectObject
DeleteObject
DeleteDC
SaveDC
RestoreDC
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
SetBkColor

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueA
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCreateKeyA
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
SetFileSecurityA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyA
GetFileSecurityA

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA

comctl32

ord17

Sections

.text
Size: 406KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ddaa3cc1af5b9120bb0d808a37b4a72

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 406KB - Virtual size: 406KB

.rdata Size: 67KB - Virtual size: 67KB

.data Size: 17KB - Virtual size: 35KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 39KB - Virtual size: 38KB

.text
Size: 406KB - Virtual size: 406KB

.rdata
Size: 67KB - Virtual size: 67KB

.data
Size: 17KB - Virtual size: 35KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 39KB - Virtual size: 38KB