c35b9ed5eba3460bdacac8603aeb23a0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

c35b9ed5eba3460bdacac8603aeb23a0_NEIKI
Size

56KB
MD5

c35b9ed5eba3460bdacac8603aeb23a0
SHA1

f9fd7db5052eb9b988be472afcf054b5ce1ddb61
SHA256

5820c723d6920b68f9ce799bd51857f32e6c0464f9c453b743da7db5f6ef5aba
SHA512

d5956edd7065b0cb0618c0cfadfd5e71e4433a8dda26d7ae9293fe1f9a508469597d87a2f4c2341850cacf3a740bbaa2e81cbb60f835498133f68b11ccb1f4c6
SSDEEP

768:rZszWoi3MV1i1LguDKPO5+73E17aCG2OwT7x6g8vqdwT:rvoJupgu+G5Q3E17aCHOVg8ve2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c35b9ed5eba3460bdacac8603aeb23a0_NEIKI

Files

c35b9ed5eba3460bdacac8603aeb23a0_NEIKI
.exe windows:4 windows x86 arch:x86

dcc3ac88fb45e2157ad5de41d9dd71bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ord17

advapi32

RegOpenKeyExW
OpenProcessToken
RegSaveKeyW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW

kernel32

FormatMessageW
GetLastError
GetModuleHandleW
DeleteFileW
SetFileAttributesW
ExitThread
Sleep
CopyFileW
DeleteFileA
SetFileAttributesA
CreateDirectoryW
GetSystemDirectoryW
lstrcatW
lstrcpyW
GetWindowsDirectoryW
GetCurrentProcess
CreateThread
FindClose
FindFirstFileW
SetErrorMode
CloseHandle
WriteFile
SetFilePointer
ReadFile
CreateFileW
GetCurrentThreadId
LocalAlloc
LocalFree
GetTempFileNameA
FileTimeToDosDateTime
FindFirstFileA
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryW
DeviceIoControl
GetVolumeInformationW
GetCommandLineA
GetVersion
GetFileType
CreateFileA
ExitProcess
TerminateProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapCreate
SetEndOfFile
SetStdHandle
HeapFree
HeapAlloc
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

ShowCursor
SetCursor
LoadCursorW
LoadStringW
MessageBoxW
PostMessageW
SendMessageW
SetFocus
GetDlgItem
DefWindowProcW
GetFocus
PostQuitMessage
SetWindowPos
GetSystemMetrics
ShowWindow
UpdateWindow
CreateDialogParamW
RegisterClassW
LoadIconW
GetMessageW
DispatchMessageW
TranslateMessage
IsDialogMessageW
TranslateAcceleratorW
LoadAcceleratorsW
SendDlgItemMessageW
wsprintfA
wsprintfW
EndDialog
SetWindowTextW
DialogBoxParamW
CharToOemA
LoadStringA
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
DrawMenuBar
WinHelpW
GetWindowRect
GetDesktopWindow

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcc3ac88fb45e2157ad5de41d9dd71bd

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

user32

Sections

.text Size: 38KB - Virtual size: 37KB

.data Size: 2KB - Virtual size: 143KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 38KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 143KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 3KB - Virtual size: 3KB