d770aef8c1eca5e111f0a5cdd682b660_NEIKI

General

Target

d770aef8c1eca5e111f0a5cdd682b660_NEIKI
Size

49KB
MD5

d770aef8c1eca5e111f0a5cdd682b660
SHA1

b4d51c03a583f19ddabdfc76d49631331af1e8e4
SHA256

c181e08dc53506f3aab1ed1c70162dbdc6d83dbdfcb07c795fb55d0167cec049
SHA512

632042d9a1b39821c7f553e5c1fecd9a62702d6bfc6e6af29db4817d3b98030757009e58a1d6b6a7d444441472ae69855ddc2132113887d15aecd0d24f959efb
SSDEEP

768:S8ClSil/CZkvxnpG+HQRPFGeDQACGzcCzzo4mgBtb3q:SjlXRpMpGAC6cXgBhq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d770aef8c1eca5e111f0a5cdd682b660_NEIKI

Files

d770aef8c1eca5e111f0a5cdd682b660_NEIKI
.exe windows:4 windows x86 arch:x86

d00081c79e3e712a04d25de50ab28d51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
FreeLibrary
GetProcAddress
SetConsoleTitleA
GetModuleHandleA
GetStdHandle
GlobalMemoryStatus
GetCurrentProcessId
GetTickCount
Sleep
GetConsoleScreenBufferInfo
LoadLibraryA
GetSystemInfo
WinExec
GetCurrentProcess
TerminateProcess
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetStdHandle
FlushFileBuffers
SetFilePointer
ReadFile
CloseHandle
GetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
VirtualAlloc
HeapSize
HeapReAlloc
HeapFree
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetModuleFileNameA
HeapAlloc
GetCPInfo
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
GetOEMCP
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW

user32

DestroyWindow
EndPaint
MessageBoxA
DefWindowProcA
PeekMessageA
FindWindowA
UnregisterClassA
RegisterClassA
InvalidateRect
SendMessageA
GetClientRect
FillRect
SetCursor
SetForegroundWindow
GetSystemMetrics
SetWindowPos
SetFocus
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
MoveWindow
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
BeginPaint

gdi32

DeleteObject
SelectObject
CreateSolidBrush
GetStockObject

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d00081c79e3e712a04d25de50ab28d51

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 17KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 17KB