ac08771daa30648dbfe356113bd2ccd0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

ac08771daa30648dbfe356113bd2ccd0_NEIKI
Size

341KB
MD5

ac08771daa30648dbfe356113bd2ccd0
SHA1

405c65e3195820eb51a8a8d40cab1aac5e282901
SHA256

ce2f8a2bdc9a729e7c7e70860a174d9f3f389a3a4e5019d625158e9d977576b6
SHA512

fce0e14146dc8639e1eb6991370e5264a6da04c3530cd24015f525846b646a55f9e4e716fb7668459cce3100c6f1b399e2b845df22c205302d9d6e4f11bfb364
SSDEEP

6144:roK0h9cwFI2sFO9NfyO9wWqRK2bs4rQ0Nk+Nwsx32HfI+PEGH6td0bg:ronh9cwFIeZyO98okHrQ0NkowaGfIE2t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac08771daa30648dbfe356113bd2ccd0_NEIKI

Files

ac08771daa30648dbfe356113bd2ccd0_NEIKI
.dll windows:4 windows x86 arch:x86

a25fba83394adeb7723f9f0c1b482394

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
lstrlenA
FileTimeToLocalFileTime
LocalAlloc
GetFileSize
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
SetEndOfFile
CreateFileW
WriteFile
CloseHandle
MulDiv
InterlockedCompareExchange
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
GlobalReAlloc
lstrcmpiW
GetCurrentProcessId
FindClose
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetVersionExA
GetACP
GetLocaleInfoA
GetThreadLocale
HeapSize
QueryPerformanceCounter
GetTickCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
FindNextFileW
FindFirstFileW
GetSystemTimeAsFileTime
GetVersionExW
LocalFree
Sleep
FreeLibrary
GetProcAddress
LoadLibraryW
MultiByteToWideChar
QueueUserWorkItem
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
SystemTimeToFileTime
GetLastError
WideCharToMultiByte
MoveFileExW
GetTempFileNameW
GetTempPathW
lstrcpynW
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
DeleteFileW
GetSystemTime
lstrcmpW
lstrcpyW
lstrlenW
HeapAlloc
HeapReAlloc
GetProcessHeap
HeapFree
LeaveCriticalSection
EnterCriticalSection
lstrcatW
GetCurrentThreadId
GetModuleHandleW
GetModuleFileNameW
RaiseException
SetLastError
FlushInstructionCache
GetCurrentProcess
LoadLibraryA

user32

PeekMessageW
WaitMessage
DrawEdge
UpdateWindow
DrawFrameControl
DialogBoxIndirectParamW
GetDialogBaseUnits
CharNextW
CharLowerA
SetParent
GetCaretPos
GetKeyboardState
SetKeyboardState
IsWindowVisible
GetClipboardData
RegisterWindowMessageW
GetDlgItemTextW
GetMessageW
SetCapture
GetCapture
ReleaseCapture
OffsetRect
GetWindowInfo
GetWindowDC
FrameRect
MonitorFromWindow
MonitorFromPoint
FindWindowExW
EnumChildWindows
RemoveMenu
GetMenuItemInfoW
GetMenuItemCount
InsertMenuItemW
GetDlgItemInt
GetComboBoxInfo
SendMessageTimeoutW
IsWindow
RegisterClipboardFormatW
PostMessageW
MessageBeep
GetWindowTextLengthW
GetActiveWindow
MessageBoxW
GetParent
GetSystemMenu
SystemParametersInfoW
SetTimer
ReplyMessage
DrawTextW
PtInRect
GetClientRect
GetCursorPos
GetWindowLongW
TrackPopupMenuEx
EnableMenuItem
FillRect
ScreenToClient
TranslateAcceleratorW
SetClipboardData
GetSysColor
AdjustWindowRectEx
MoveWindow
DestroyAcceleratorTable
DestroyWindow
KillTimer
TrackMouseEvent
CreateWindowExW
EmptyClipboard
CloseClipboard
RegisterClassExW
OpenClipboard
CallWindowProcW
LoadCursorW
RedrawWindow
DefWindowProcW
SendDlgItemMessageW
CreateDialogParamW
EnableWindow
SetFocus
ShowWindow
SetDlgItemInt
MapWindowPoints
GetWindowRect
SetWindowPos
DestroyMenu
TrackPopupMenu
ClientToScreen
GetSubMenu
LoadMenuW
SetWindowTextW
GetClassInfoExW
CreatePopupMenu
GetFocus
DispatchMessageW
TranslateMessage
AdjustWindowRect
LoadMenuIndirectW
EnumWindows
GetClassNameW
GetMenuItemID
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
EndMenu
GetGUIThreadInfo
SetMenuInfo
DeleteMenu
GetMenuInfo
AppendMenuW
CheckMenuItem
CheckMenuRadioItem
InvalidateRect
GetSystemMetrics
IsChild
WindowFromPoint
GetMessageTime
GetMessagePos
GetKeyState
CheckDlgButton
IsDlgButtonChecked
GetSysColorBrush
GetDlgCtrlID
FindWindowW
BringWindowToTop
IsIconic
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId
SetCursor
GetMonitorInfoW
MonitorFromRect
ReleaseDC
GetWindow
GetDC
CreateAcceleratorTableW
CopyAcceleratorTableW
DestroyIcon
SetDlgItemTextW
wsprintfW
GetWindowTextW
EndDialog
GetDlgItem
SendMessageW
DialogBoxParamW
LoadImageW
SetWindowLongW
SetMenuItemInfoW
UnregisterClassA

gdi32

CreateDIBSection
GetStockObject
CreateFontW
GetTextColor
Rectangle
GetTextMetricsW
GetObjectW
SetWindowOrgEx
GetMapMode
SetMapMode
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
CreateRectRgn
GetDeviceCaps
CreateFontIndirectW
SetBkColor
SetViewportOrgEx
LineTo
MoveToEx
CreatePen
SetBkMode
GetCurrentObject
SelectObject
SetTextColor
DeleteObject
CreateSolidBrush
DeleteDC
BitBlt
CreateBrushIndirect
CreateCompatibleDC
CreateCompatibleBitmap
OffsetWindowOrgEx

advapi32

RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW

ole32

RevokeDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateGuid
DoDragDrop
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
RegisterDragDrop
OleUninitialize
OleInitialize
CoTaskMemFree
ReleaseStgMedium
OleDuplicateData

oleaut32

VariantChangeType
VariantInit
VariantClear
SysStringLen
SysAllocString
VariantCopy
SysAllocStringLen
OleCreateFontIndirect
VarUI4FromStr
SysStringByteLen
SysFreeString

shlwapi

StrCmpW
StrStrW
PathFindExtensionW
PathUnExpandEnvStringsW
UrlCombineW
StrPBrkW
PathRenameExtensionW
PathAddExtensionW
PathCombineW
StrCmpIW
StrChrW
UrlIsW
StrRChrW
PathFileExistsW
wnsprintfW
PathFindFileNameW
PathRemoveExtensionW
PathQuoteSpacesW
PathRemoveFileSpecW
PathAppendW
StrStrIW
StrCmpNA
StrToIntExW
StrStrA
StrToIntA
StrRetToBufW
StrDupW
PathGetCharTypeW
StrRetToBSTR
ord29
StrCmpNIW
StrDupA

comctl32

ImageList_Draw
ImageList_GetIcon
ImageList_Destroy
ImageList_Create
ImageList_Add
InitCommonControlsEx
ImageList_Remove
ord13
ord14
ord15

wininet

CreateUrlCacheEntryW
InternetTimeToSystemTimeW
InternetTimeFromSystemTimeW
InternetCrackUrlW

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

Exports

Exports

GetClassObject

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a25fba83394adeb7723f9f0c1b482394

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

comctl32

wininet

urlmon

Exports

Exports

Sections

.text Size: 265KB - Virtual size: 264KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 265KB - Virtual size: 264KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 18KB - Virtual size: 18KB