07a8d88ca97d1316c7abc423c4c9fff0_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

07a8d88ca97d1316c7abc423c4c9fff0_NEIKI
Size

7.6MB
MD5

07a8d88ca97d1316c7abc423c4c9fff0
SHA1

de4dadf02e9511971839c1178ef6e2f74de9404e
SHA256

8ce554282840496c14baeab4c4cf81bc46c2e30bb788f8164bb640192c519d4a
SHA512

1f13015e1ebf6c778f1fe89f6ca6d2ec3a99d7af4f65272019689985a221eed467ba802b03858e54ccc36de54d673a7bc353c7c553b292a657c52f5b72ebed66
SSDEEP

49152:nnkfXBUQ6nM9gGa/0MpNLv5Kb2NEk5hRY4I63LapLvgSs1UfDLcaIqEGJ7IXYbD7:nkfBV6OiNEk5S63OaXKnsdME3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07a8d88ca97d1316c7abc423c4c9fff0_NEIKI

Files

07a8d88ca97d1316c7abc423c4c9fff0_NEIKI
.exe windows:4 windows x86 arch:x86

7b0aea11265f18f3d6126046e1a0dcd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSAGetOverlappedResult

advapi32

CryptAcquireContextW
CryptGenRandom
CryptReleaseContext

ntdll

NtWaitForSingleObject

kernel32

VirtualAlloc
VirtualFree
CreateIoCompletionPort
GetQueuedCompletionStatus
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateThread
CreateWaitableTimerA
DuplicateHandle
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetProcAddress
GetStdHandle
GetSystemInfo
GetThreadContext
LoadLibraryW
LoadLibraryA
ResumeThread
SetConsoleCtrlHandler
SetEvent
SetProcessPriorityBoost
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
SuspendThread
WaitForSingleObject
WriteFile

winmm

timeBeginPeriod

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 352KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 253B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/18
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/30
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/43
Size: 1017KB - Virtual size: 1016KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/71
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 512B - Virtual size: 28B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 485KB - Virtual size: 485KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b0aea11265f18f3d6126046e1a0dcd1

Headers

File Characteristics

Imports

ws2_32

advapi32

ntdll

kernel32

winmm

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.data Size: 352KB - Virtual size: 445KB

/4 Size: 512B - Virtual size: 253B

/18 Size: 223KB - Virtual size: 222KB

/30 Size: 219KB - Virtual size: 219KB

/43 Size: 1017KB - Virtual size: 1016KB

/55 Size: 342KB - Virtual size: 341KB

/71 Size: 145KB - Virtual size: 145KB

/87 Size: 512B - Virtual size: 28B

.idata Size: 1KB - Virtual size: 1KB

.symtab Size: 485KB - Virtual size: 485KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.data
Size: 352KB - Virtual size: 445KB

/4
Size: 512B - Virtual size: 253B

/18
Size: 223KB - Virtual size: 222KB

/30
Size: 219KB - Virtual size: 219KB

/43
Size: 1017KB - Virtual size: 1016KB

/55
Size: 342KB - Virtual size: 341KB

/71
Size: 145KB - Virtual size: 145KB

/87
Size: 512B - Virtual size: 28B

.idata
Size: 1KB - Virtual size: 1KB

.symtab
Size: 485KB - Virtual size: 485KB