175463f69fcc39b13cac837e86eb5db0_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

175463f69fcc39b13cac837e86eb5db0_NEIKI
Size

64KB
MD5

175463f69fcc39b13cac837e86eb5db0
SHA1

5057cf5ce51d2c3ca89283c86224a7ebd37e3a00
SHA256

ec7e436680538fbe3b44b1d090a6c0f467dd19452b1df643b29c049709dfdc45
SHA512

378fa2e66f2264237b8fc570a44af11b23fa3e86158c4c80e1e288e9883f79574bde66872b7df719d488be26c5878f67397d3eee96a068299e6fd41dd726818d
SSDEEP

768:2c4Tfy3rr8F8JQ13JpdwWlpR/UAbVtuY+wKI6SkGkf7TS916gNS3y801QuMRUIIB:cq388JQ13u6uY+LIWm6gKAkRUSif5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
175463f69fcc39b13cac837e86eb5db0_NEIKI

Files

175463f69fcc39b13cac837e86eb5db0_NEIKI
.dll windows:5 windows x86 arch:x86

bc7eed7474c784ec1ce94704bdb6e1b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\FwVisa\PVDrivers\C25011M\Release\C25011M.pdb

Imports

kernel32

Sleep
GetTickCount
SetThreadPriority
CreateThread
CreateEventW
SetCommTimeouts
SetCommState
BuildCommDCBW
GetCommState
SetupComm
CreateFileW
EscapeCommFunction
WaitCommEvent
WaitForSingleObject
GetLastError
WriteFile
ResetEvent
SetCommMask
SetCommBreak
ClearCommBreak
ReadFile
GetOverlappedResult
PurgeComm
CloseHandle
SetEvent
ExitThread
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

user32

wsprintfW

Exports

Exports

InitDll

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc7eed7474c784ec1ce94704bdb6e1b7

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 5KB