2bf2479b4e337527762e4116074b6520_NEIKI

Sharing

Copy URL

Twitter E-mail

General

Target

2bf2479b4e337527762e4116074b6520_NEIKI
Size

27KB
MD5

2bf2479b4e337527762e4116074b6520
SHA1

50292518ebb2dc637f4fb52df9446c95b2d39d97
SHA256

bbbc43d1816d438070814cc9eac2e5b6b022d4437c45c98fb78bc892337f2b7f
SHA512

cc5999ab1f47dcb1091645839e46c7f4156eaa2fbbdc0278c34f2bac11c893526581a2e6cecf254b8bf38803b21a3949bb2f547e55007220893a54ee67c04d26
SSDEEP

384:AIozbLLVh5bz7dwmhLC6uUgBSJbDL8o3:AIoznLVh5PhthLC6M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bf2479b4e337527762e4116074b6520_NEIKI

Files

2bf2479b4e337527762e4116074b6520_NEIKI
.exe windows:4 windows x86 arch:x86

b85600567e20bd6524054f7518d552c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

AddAtomA
AllocConsole
Beep
CloseHandle
CreateMutexA
ExitProcess
FillConsoleOutputCharacterA
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
GetAtomNameA
GetConsoleScreenBufferInfo
GetLastError
GetStdHandle
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ReleaseMutex
SetConsoleTitleA
SetFileAttributesA
SetUnhandledExceptionFilter
WaitForSingleObject
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA

msvcrt

_getch
_kbhit
_sleep
_spawnl
__getmainargs
__p__environ
__p__fmode
__set_app_type
_beginthread
_cexit
_iob
_mkdir
_onexit
_rmdir
_setmode
abort
atexit
ctime
fclose
fflush
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
malloc
memcpy
memset
perror
printf
rand
remove
signal
sprintf
srand
strcat
strcmp
strcpy
strlen
strncat
system
time

user32

FindWindowA
GetAsyncKeyState
GetForegroundWindow
GetKeyState
GetWindowTextA
ShowWindow

ws2_32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
send
socket

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b85600567e20bd6524054f7518d552c5

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

ws2_32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 64B

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 272B

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 64B

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 272B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 9KB