ab40761dce3d1cf9e3b6316b4e040240_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

ab40761dce3d1cf9e3b6316b4e040240_NEIKI
Size

175KB
MD5

ab40761dce3d1cf9e3b6316b4e040240
SHA1

2df9b38b77aba96588db871531639eced48236ce
SHA256

f294ee0108ce298dce48d49d76a91241786bcce9586a6491f8f13640413e91cb
SHA512

ebdc2d170e210425cd75519b28d43f60e9294f6eda566d69137e43216b7d0daf89c3f66120b66a7103fc47531d9458507e9f5b55482f5e558332afa1ebb78151
SSDEEP

3072:967/SmYRe8e97bT3tH1VmZIsUsTU6elkyxomwN+LJYzzTEz9uclv:AemYRe8Y3tH1qElRxomwA1YvTEz9u4v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab40761dce3d1cf9e3b6316b4e040240_NEIKI

Files

ab40761dce3d1cf9e3b6316b4e040240_NEIKI
.exe windows:4 windows x86 arch:x86

563103f732cae491d3598090da77a431

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libbabl-0.1-0

babl_format_get_bytes_per_pixel
babl_format_has_alpha

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info

libgegl-0.4-0

gegl_buffer_get
gegl_buffer_get_extent
gegl_buffer_get_format
gegl_buffer_set
gegl_init

libgimp-2.0-0

gimp_drawable_get_buffer
gimp_drawable_is_indexed
gimp_drawable_offsets
gimp_image_add_hguide
gimp_image_add_vguide
gimp_image_find_next_guide
gimp_image_get_guide_orientation
gimp_image_get_guide_position
gimp_image_get_layers
gimp_image_insert_layer
gimp_image_new
gimp_image_set_colormap
gimp_image_set_filename
gimp_install_procedure
gimp_item_transform_translate
gimp_layer_new
gimp_main
gimp_progress_init
gimp_register_magic_load_handler
gimp_register_save_handler

libgimpui-2.0-0

gimp_ui_init

libglib-2.0-0

g_log

libgobject-2.0-0

g_object_unref

libgtk-win32-2.0-0

gtk_button_set_image
gtk_dialog_get_widget_for_response
gtk_dialog_run
gtk_file_chooser_dialog_new
gtk_file_chooser_get_filename_utf8
gtk_image_new_from_icon_name
gtk_window_set_modal

kernel32

AttachConsole
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeConsole
FreeLibrary
GetConsoleWindow
GetFileAttributesA
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalFree
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__argc
__getmainargs
__initenv
__p___argv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_assert
_cexit
_chdir
_errno
_findclose
_findfirst
_findnext
_fullpath
_initterm
_iob
_mkdir
_onexit
abort
calloc
exit
fclose
fflush
fprintf
free
freopen
ftell
fwrite
malloc
memcpy
memmove
memset
memcmp
rand
remove
setvbuf
signal
strcmp
strcpy
strlen
strncmp
strrchr
strtol
toupper
vfprintf

libstdc++-6

_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE16find_last_not_ofEcj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE17find_first_not_ofEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEcj
_ZNSi3getEv
_ZNSi4peekEv
_ZNSi4readEPci
_ZNSi5seekgESt4fposIiE
_ZNSi5seekgExSt12_Ios_Seekdir
_ZNSi5tellgEv
_ZNSi5ungetEv
_ZNSi6ignoreEi
_ZNSo3putEc
_ZNSo5flushEv
_ZNSo5seekpESt4fposIiE
_ZNSo5seekpExSt12_Ios_Seekdir
_ZNSo5tellpEv
_ZNSo5writeEPKci
_ZNSo9_M_insertImEERSoT_
_ZNSolsEPSt15basic_streambufIcSt11char_traitsIcEE
_ZNSolsEi
_ZNSt13basic_filebufIcSt11char_traitsIcEE4openEPKcSt13_Ios_Openmode
_ZNSt13basic_filebufIcSt11char_traitsIcEEC1Ev
_ZNSt13basic_filebufIcSt11char_traitsIcEED1Ev
_ZNSt16invalid_argumentC1EPKc
_ZNSt16invalid_argumentD1Ev
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_disposeEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEjjPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_M_constructEjc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4swapERS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6resizeEjc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7reserveEj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERjj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_mutateEjjPKcj
_ZNSt8ios_base15sync_with_stdioEb
_ZNSt8ios_baseC2Ev
_ZNSt8ios_baseD2Ev
_ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E
_ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate
_ZNSt9exceptionD2Ev
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_i
_ZSt16__throw_bad_castv
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt25__throw_bad_function_callv
_ZSt28_Rb_tree_rebalance_for_erasePSt18_Rb_tree_node_baseRS_
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZSt4cerr
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZTTSt14basic_ifstreamIcSt11char_traitsIcEE
_ZTTSt14basic_ofstreamIcSt11char_traitsIcEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVSt14basic_ifstreamIcSt11char_traitsIcEE
_ZTVSt14basic_ofstreamIcSt11char_traitsIcEE
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZdaPv
_ZdlPvj
_Znaj
_Znwj
__cxa_allocate_exception
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__cxa_throw_bad_array_new_length
__gxx_personality_v0

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 508B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

563103f732cae491d3598090da77a431

Headers

DLL Characteristics

File Characteristics

Imports

libbabl-0.1-0

libgcc_s_dw2-1

libgegl-0.4-0

libgimp-2.0-0

libgimpui-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-win32-2.0-0

kernel32

msvcrt

libstdc++-6

Sections

.text Size: 118KB - Virtual size: 117KB

.data Size: 1024B - Virtual size: 964B

.rdata Size: 12KB - Virtual size: 12KB

/4 Size: 28KB - Virtual size: 28KB

.bss Size: - Virtual size: 508B

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 118KB - Virtual size: 117KB

.data
Size: 1024B - Virtual size: 964B

.rdata
Size: 12KB - Virtual size: 12KB

/4
Size: 28KB - Virtual size: 28KB

.bss
Size: - Virtual size: 508B

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB