e859e28a502fbf8e3ae80d1831a3f3b0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

e859e28a502fbf8e3ae80d1831a3f3b0_NEIKI
Size

5.7MB
MD5

e859e28a502fbf8e3ae80d1831a3f3b0
SHA1

43c3d6d00eedc4a45846073ba22e0cd784ea092e
SHA256

58b03223b7a0995f54a4374b645dff41c7ca100ac6c2bb7066fcaa39a2725d64
SHA512

e220361b6da885d3a73ca8f4b83dcd5c98c6dc046a6d1cc08c6a4afd33c7ff87c0d8e340286ac31df6f1476cc5d30895c42e88305ac810f44f8c324bf700aaf7
SSDEEP

98304:BmEi4547ELRjpkHiyfH7KMxV66dTm2jX3E73PZx6qLXc1X2:J14QLHktK4Tm2jq3x3LXY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e859e28a502fbf8e3ae80d1831a3f3b0_NEIKI

Files

e859e28a502fbf8e3ae80d1831a3f3b0_NEIKI
.dll windows:6 windows x86 arch:x86

a999e5615f71739549ba214d2b5709db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSizeEx
LocalAlloc
GetModuleFileNameW
LoadLibraryA
GetProcAddress

user32

PtInRect

advapi32

CryptEncrypt

shell32

SHGetSpecialFolderPathA

FreeMibTable
WSASocketW

setupapi

crypt32

shlwapi

StrStrIA

dbghelp

ImageNtHeader

version

GetFileVersionInfoSizeA

bcrypt

BCryptGenRandom

Sections

.text
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 854KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx2
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a999e5615f71739549ba214d2b5709db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

setupapi

crypt32

shlwapi

dbghelp

version

bcrypt

Sections

.text Size: - Virtual size: 3.0MB

.rdata Size: - Virtual size: 854KB

.data Size: - Virtual size: 68KB

.upx0 Size: - Virtual size: 2.0MB

.upx1 Size: 2KB - Virtual size: 1KB

.upx2 Size: 5.7MB - Virtual size: 5.7MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 233B

.text
Size: - Virtual size: 3.0MB

.rdata
Size: - Virtual size: 854KB

.data
Size: - Virtual size: 68KB

.upx0
Size: - Virtual size: 2.0MB

.upx1
Size: 2KB - Virtual size: 1KB

.upx2
Size: 5.7MB - Virtual size: 5.7MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 233B