lk9as92hk3
Static task: static1
Behavioral task: behavioral1
Sample: 2614dafbbeaef5984925db322befeda0_NEIKI.dll
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 2614dafbbeaef5984925db322befeda0_NEIKI.dll
Resource: win10v2004-20240508-en
General
Target: 2614dafbbeaef5984925db322befeda0_NEIKI
Size: 2.5MB
MD5: 2614dafbbeaef5984925db322befeda0
SHA1: ad40dfef90ef88ef1d231fd0ef96f2a9b9271c98
SHA256: f8d77cdbdb3c9505b7120d09adb65ac71448b586fa8038f9d34a398cef3d3d36
SHA512: de5ed1a45fe6ee1a2e42bb08dde95cf8fb2865941a600bcad1797521c50969156f18a2f989b5691a22ea8edd4275c2b32b25f992dc381623b2a8845c53d69fc9
SSDEEP: 49152:Xo7km6UwHs4izRhpBuyLIbLsePJXtpAkrLt0o++KNfgp2rQIQKLpXUoe:c6U/4G9BuyLslPV7AgLOo++KNfgwQIQp
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2614dafbbeaef5984925db322befeda0_NEIKI
Files
2614dafbbeaef5984925db322befeda0_NEIKI.dll windows:5 windows x86 arch:x86
b9f8ab1cb6ae60b69ae477da8a026584
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
ExitProcess
GetSystemInfo
SetUnhandledExceptionFilter
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
ExitThread
GetCommandLineA
lstrlenA
HeapQueryInformation
UnhandledExceptionFilter
GetModuleHandleExW
IsProcessorFeaturePresent
InterlockedDecrement
GetSystemTimeAsFileTime
RtlUnwind
FindResourceExW
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GlobalGetAtomNameW
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
FreeLibrary
EncodePointer
FileTimeToSystemTime
FindNextFileW
FileTimeToLocalFileTime
SetThreadPriority
CreateEventW
SetEvent
lstrcmpA
LoadLibraryA
lstrcmpiW
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
GetModuleFileNameW
VirtualProtect
CopyFileW
DeleteFileW
GetCurrentDirectoryW
WinExec
GetSystemDirectoryW
GetLocalTime
GetSystemTime
IsDebuggerPresent
CreateThread
TerminateProcess
GetCurrentProcess
OpenProcess
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetVersionExW
CancelIo
FindResourceW
FormatMessageW
SizeofResource
LoadResource
Sleep
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
ResumeThread
SuspendThread
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
LocalFree
LockResource
WideCharToMultiByte
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LoadLibraryW
GetTickCount
WaitForSingleObject
WriteProcessMemory
CreateRemoteThread
GetCurrentProcessId
VirtualFreeEx
VirtualAllocEx
MultiByteToWideChar
CreateFileW
GetModuleHandleW
CloseHandle
DeviceIoControl
GetLastError
GetProcAddress
FreeEnvironmentStringsW
user32
FrameRect
CopyIcon
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
ModifyMenuW
CharUpperBuffW
RegisterClipboardFormatW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
InvertRect
HideCaret
GetIconInfo
LoadImageW
GetNextDlgGroupItem
SetClassLongW
LockWindowUpdate
BringWindowToTop
SetParent
SetRect
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
DestroyIcon
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
IsRectEmpty
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
OffsetRect
WindowFromPoint
MessageBeep
SetWindowRgn
DeleteMenu
GetSystemMenu
KillTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
IsZoomed
IsIconic
TrackMouseEvent
LoadMenuW
CopyImage
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
IntersectRect
InflateRect
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
SetLayeredWindowAttributes
LoadCursorW
GetSysColorBrush
SetCursor
ShowOwnedPopups
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
GetWindowThreadProcessId
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
PostThreadMessageW
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
wsprintfW
wsprintfA
PostMessageW
SendMessageW
EnableWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
WaitMessage
GetDoubleClickTime
DrawIcon
GetWindowRgn
MapDialogRect
DestroyCursor
GetComboBoxInfo
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
GetForegroundWindow
GetWindowTextW
MessageBoxW
GetDesktopWindow
GetClassNameW
GetWindow
LoadIconW
IsWindowVisible
SetTimer
DrawMenuBar
IsWindowEnabled
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
CharUpperW
GetSystemMetrics
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
DrawStateW
UpdateWindow
InvalidateRect
GetClientRect
FillRect
LoadBitmapW
UnhookWindowsHookEx
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
SendDlgItemMessageA
GetParent
IsCharLowerW
gdi32
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CombineRgn
SetRectRgn
DPtoLP
GetTextExtentPoint32W
CreateRoundRectRgn
CreateDIBSection
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SetPixel
StretchBlt
SetWindowExtEx
GetRgnBox
OffsetRgn
Rectangle
RoundRect
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPixelV
GetTextFaceW
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetDIBColorTable
DeleteDC
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCW
CopyMetaFileW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetFileInfoW
shlwapi
PathFindExtensionW
PathFindFileNameW
StrFormatKBSizeW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
uxtheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
ole32
CoTaskMemFree
CoTaskMemAlloc
CoSetProxyBlanket
CoInitializeSecurity
CoUninitialize
OleDuplicateData
ReleaseStgMedium
CoCreateGuid
CoInitialize
CoDisconnectObject
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoCreateInstance
OleGetClipboard
oleaut32
SysAllocStringLen
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
VariantClear
VariantInit
SysFreeString
SysAllocString
gdiplus
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipAlloc
GdiplusShutdown
GdipFree
ws2_32
WSAWaitForMultipleEvents
WSASocketW
WSASend
WSARecv
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSAAccept
WSAGetLastError
WSACleanup
WSAStartup
socket
setsockopt
listen
inet_addr
htons
getpeername
connect
closesocket
bind
mswsock
TransmitFile
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
timeGetTime
Exports
Sections
.text Size: 1.4MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 353KB - Virtual size: 353KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.upx Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 582KB - Virtual size: 581KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ