e097d10cf0e67983567866f496065320_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

e097d10cf0e67983567866f496065320_NEIKI
Size

129KB
MD5

e097d10cf0e67983567866f496065320
SHA1

612ea17936fbe5dda27dd5f18d7d63a5f092975e
SHA256

a55e5be9a388a9ac26625521faae2737a490585cd7da521b01a0124a00bbd508
SHA512

0cae80aafddc575f665a50d0111287d7b1605c38e565f6e60eaa470cc6b9d1db80919af592ef9e410d6917b896298abf1ffed23771332ddc72e15ad7fa230630
SSDEEP

3072:mrtNLHyOCTTCRqsLRPSSOdF3slLZ73t36yQwhW:mhVQTeLRPSSOdF3slVLt3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e097d10cf0e67983567866f496065320_NEIKI

Files

e097d10cf0e67983567866f496065320_NEIKI
.exe windows:6 windows x64 arch:x64

7def3fbd02e6f4f0081aae7641a547b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlGetNtVersionNumbers

api-ms-win-crt-convert-l1-1-0

mbrtowc
strtoll
strtoul
strtoull
wcrtomb
wcstombs

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
_putenv
getenv

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_lock_file
_unlock_file

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc
realloc

api-ms-win-crt-math-l1-1-0

__setusermatherr
_fdopen

api-ms-win-crt-private-l1-1-0

__C_specific_handler
memcmp
memcpy
strchr
strrchr

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_invalid_parameter_handler
abort
exit
perror
signal
strerror

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
_fileno
_isatty
_open_osfhandle
fclose
feof
ferror
fflush
fgetc
fopen
fputc
fputs
fread
ftell
fwrite
getc
putchar
puts

api-ms-win-crt-string-l1-1-0

_strdup
_stricmp
_strnicmp
memset
strcmp
strcspn
strlen
strncmp
strncpy
wcslen

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_time64
_tzset

api-ms-win-crt-utility-l1-1-0

qsort

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FormatMessageW
FreeLibrary
GetConsoleMode
GetLastError
GetProcAddress
GetStdHandle
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalAlloc
LocalFree
RaiseException
SetConsoleMode
SetDefaultDllDirectories
SetDllDirectoryA
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

api-ms-win-crt-locale-l1-1-0

localeconv

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7def3fbd02e6f4f0081aae7641a547b5

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

kernel32

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 1KB - Virtual size: 29KB

.pdata Size: 1KB - Virtual size: 1KB

.00cfg Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 268B

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 1KB - Virtual size: 29KB

.pdata
Size: 1KB - Virtual size: 1KB

.00cfg
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 268B