Static task: static1
Behavioral task: behavioral1
Sample: ef2ec78b1b9ee26d9d52bf46d3e12bc0_NEIKI.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: ef2ec78b1b9ee26d9d52bf46d3e12bc0_NEIKI.exe
Resource: win10v2004-20240508-en
General
Target: ef2ec78b1b9ee26d9d52bf46d3e12bc0_NEIKI
Size: 6.1MB
MD5: ef2ec78b1b9ee26d9d52bf46d3e12bc0
SHA1: 231ef66431a356edff2dbbdf84e23fd42363118e
SHA256: 3dc6ec0f24193ac62d23f12df19444d8551f80cdd650a800e527c96371be0657
SHA512: 37290316118f52987d8cc4699fbab9e7982ca16c8e77fdf0944d26bab2c5f2dd40734e3b3fdb84257856b1f88f67c0031ab1a205619814d46256efcf5a5772b3
SSDEEP: 98304:cROcBg9BAiEs3QkcKadT24RMwNCCU5F0kZaRLLK0A+q:IOx7Nj3QkRUTTCCw3EXAv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef2ec78b1b9ee26d9d52bf46d3e12bc0_NEIKI
Files
ef2ec78b1b9ee26d9d52bf46d3e12bc0_NEIKI.exe windows:5 windows x86 arch:x86
6500044216687344f896d71de9c1d81a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
SetEnvironmentVariableA
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetDriveTypeA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
GetCurrentDirectoryA
WriteConsoleW
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LCMapStringA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
SizeofResource
LCMapStringW
IsValidCodePage
GetOEMCP
GetCPInfo
TerminateProcess
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
HeapSize
VirtualQuery
VirtualAlloc
GetSystemTimeAsFileTime
CreateThread
ExitThread
HeapReAlloc
RaiseException
RtlUnwind
GetFileType
SetStdHandle
ExitProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
HeapFree
GetStartupInfoW
FindResourceExW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
GetProfileIntW
InterlockedIncrement
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
GlobalReAlloc
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
GetModuleHandleA
GlobalGetAtomNameW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetStringTypeExW
FileTimeToLocalFileTime
GetDiskFreeSpaceW
GetFullPathNameW
ConvertDefaultLocale
EnumResourceLanguagesW
LoadLibraryExW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
GetVersionExA
ResumeThread
InterlockedDecrement
SystemTimeToFileTime
FileTimeToSystemTime
CopyFileW
SetFileTime
SearchPathW
GetVolumeInformationW
SetErrorMode
SetFileAttributesW
GetModuleFileNameA
FlushInstructionCache
GetCommandLineW
QueryPerformanceCounter
QueryPerformanceFrequency
GetDateFormatW
MoveFileW
GetFileAttributesW
GetACP
SetCurrentDirectoryW
lstrlenA
GlobalAlloc
GlobalSize
GlobalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentDirectoryW
DuplicateHandle
OpenProcess
GetCurrentProcessId
CreatePipe
VirtualProtect
GlobalUnlock
GlobalLock
GetTempFileNameW
GetTempPathW
GetCurrencyFormatW
SetFilePointer
lstrcmpW
GetSystemDirectoryW
ReleaseSemaphore
OpenMutexW
ReleaseMutex
CreateSemaphoreW
CreateMutexW
lstrcmpA
Sleep
GetCurrentThread
SetThreadAffinityMask
GetProcessAffinityMask
GetComputerNameW
GetWindowsDirectoryW
GetCurrentProcess
GetVersionExW
GetSystemInfo
GetUserDefaultLCID
GetUserDefaultLangID
MulDiv
lstrcmpiW
WaitForSingleObject
CreateDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
CompareFileTime
GetFileTime
LoadLibraryW
SetLastError
ReadFile
DeleteFileW
GetCurrentThreadId
LocalFree
FormatMessageW
FreeResource
FreeLibrary
GetModuleFileNameW
SetThreadPriority
lstrlenW
CreateProcessW
GetLocaleInfoW
CompareStringW
GetThreadLocale
lstrcpyW
OutputDebugStringW
WriteFile
FreeConsole
CloseHandle
GetConsoleScreenBufferInfo
CreateFileW
AllocConsole
GetProcAddress
GetModuleHandleW
IsDebuggerPresent
GetLastError
GetShortPathNameW
WideCharToMultiByte
lstrcpynW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
GetConsoleOutputCP
user32
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowThreadProcessId
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CreateDialogIndirectParamW
IsWindowEnabled
EndDialog
GetMenuStringW
SendMessageTimeoutW
GetDoubleClickTime
IsCharAlphaNumericW
SetActiveWindow
MonitorFromWindow
SubtractRect
SetWindowTextW
GetWindowTextW
DrawTextExW
GetTabbedTextExtentA
GetMessageTime
GetMessageW
CopyIcon
SetCursorPos
LoadBitmapW
AdjustWindowRectEx
ClipCursor
RegisterClassW
GetClipboardSequenceNumber
IsClipboardFormatAvailable
GetClipboardData
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
RegisterClipboardFormatW
GetDCEx
EndPaint
BeginPaint
ShowCaret
GetUpdateRgn
DrawTextW
DrawFrameControl
GetUpdateRect
LockWindowUpdate
BringWindowToTop
ShowWindow
WindowFromDC
GetSysColorBrush
SetParent
GetNextDlgTabItem
GetClassLongW
ValidateRect
SetMenuItemInfoW
ChangeClipboardChain
SetClipboardViewer
ModifyMenuW
SetWindowPos
DestroyWindow
PostThreadMessageW
WaitMessage
InsertMenuItemW
GetMenuItemInfoW
IsMenu
GetMenuItemID
GetMenuDefaultItem
GetMenuState
SetMenuDefaultItem
SetWindowRgn
GetSystemMenu
IsZoomed
SetFocus
CharUpperW
CheckMenuItem
GrayStringW
DestroyIcon
CopyAcceleratorTableW
ShowScrollBar
SetDlgItemInt
SetRect
LoadIconW
SetClassLongW
SetForegroundWindow
ShowWindowAsync
FindWindowW
PostQuitMessage
PeekMessageW
IsDlgButtonChecked
CheckDlgButton
MoveWindow
MapDialogRect
EnumChildWindows
UnionRect
InvertRect
NotifyWinEvent
MessageBeep
GetAsyncKeyState
EnableScrollBar
IsWindowVisible
MapWindowPoints
HideCaret
GetDialogBaseUnits
GetComboBoxInfo
EqualRect
GetClassNameW
GetLastActivePopup
EnumThreadWindows
GetActiveWindow
GetWindowLongW
GetAncestor
SendMessageW
RegisterWindowMessageW
PostMessageW
GetParent
SystemParametersInfoW
CharUpperBuffW
ReleaseDC
GetDC
MessageBoxW
GetWindow
GetTopWindow
GetDlgItem
EnableMenuItem
AppendMenuW
CreatePopupMenu
CharNextW
DrawFocusRect
GetMenuItemCount
UpdateWindow
IntersectRect
DeleteMenu
GetWindowDC
DestroyCursor
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
DrawStateW
CopyImage
GetNextDlgGroupItem
DrawIcon
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
FrameRect
IsCharLowerW
MapVirtualKeyExW
UnregisterClassW
IsWindow
GetWindowTextLengthW
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
SetWindowLongW
FillRect
GetClassInfoW
CreateWindowExW
CallWindowProcW
GetDlgCtrlID
DrawEdge
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
RemovePropW
GetPropW
SetPropW
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
ShowOwnedPopups
UpdateLayeredWindow
ReuseDDElParam
UnpackDDElParam
GetKeyNameTextW
MapVirtualKeyW
SetDlgItemTextW
IsDialogMessageW
CheckRadioButton
TabbedTextOutW
GetFocus
RemoveMenu
IsIconic
GetForegroundWindow
GetSystemMetrics
LoadMenuW
DrawMenuBar
DestroyMenu
LoadAcceleratorsW
GetCursorPos
WindowFromPoint
CallNextHookEx
CreateMenu
GetWindowRgn
InsertMenuW
SetWindowsHookExW
UnhookWindowsHookEx
GetKeyState
InSendMessageEx
ReplyMessage
RedrawWindow
EnableWindow
SetCapture
ReleaseCapture
GetDesktopWindow
SetCursor
GetClientRect
SetRectEmpty
GetWindowRect
InflateRect
GetSysColor
PtInRect
GetSubMenu
GetCursor
LoadCursorW
ClientToScreen
ScreenToClient
InvalidateRect
IsChild
TranslateMessage
DispatchMessageW
GetClassInfoExW
DefWindowProcW
RegisterClassExW
GetMessagePos
KillTimer
SetTimer
LoadImageW
GetIconInfo
DrawIconEx
IsRectEmpty
GetCapture
BeginDeferWindowPos
OffsetRect
DeferWindowPos
EndDeferWindowPos
CopyRect
GetDlgItemInt
gdi32
GetTextFaceW
GetCurrentPositionEx
ScaleViewportExtEx
PtVisible
SetBkColor
GetCharWidthW
SetWindowExtEx
SetViewportOrgEx
GetTextExtentPoint32A
SetWindowOrgEx
MoveToEx
Arc
StrokeAndFillPath
AbortPath
WidenPath
PathToRegion
CombineRgn
ExcludeClipRect
CreatePatternBrush
CreateScalableFontResourceW
AddFontResourceW
RemoveFontResourceW
CopyMetaFileW
GetDCOrgEx
PatBlt
SetPolyFillMode
SetROP2
LineTo
SetTextAlign
SetArcDirection
GetClipRgn
SelectClipPath
GetPixel
StartDocW
GetNearestColor
OffsetWindowOrgEx
ArcTo
ExtSelectClipRgn
RectVisible
GetObjectType
CreateHatchBrush
SetDIBColorTable
GetDIBits
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetEnhMetaFileHeader
CreateEllipticRgn
CreatePolygonRgn
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
RoundRect
ExtFloodFill
GetNearestPaletteIndex
GetSystemPaletteEntries
GetBoundsRect
EnumFontFamiliesExW
SetPixelV
GetStretchBltMode
GetROP2
GetPolyFillMode
Escape
TextOutW
SetViewportExtEx
DeleteEnhMetaFile
CopyEnhMetaFileW
GetEnhMetaFileW
CreateCompatibleBitmap
RestoreDC
GetClipBox
SetMapMode
SaveDC
BitBlt
DeleteDC
StretchBlt
SetStretchBltMode
GetOutlineTextMetricsW
ExtCreateRegion
GetRegionData
GetViewportOrgEx
GetWindowOrgEx
IntersectClipRect
OffsetViewportOrgEx
ScaleWindowExtEx
SetPaletteEntries
CreatePalette
GetPaletteEntries
RealizePalette
SelectClipRgn
CreateRectRgn
SetBkMode
SelectPalette
SetTextColor
GetBkMode
GetTextAlign
CreateDCW
CreateRectRgnIndirect
ExtTextOutW
GetTextColor
GetTextMetricsW
SelectObject
SetPixel
GetDeviceCaps
Ellipse
GetTextExtentPoint32W
GetBkColor
Polygon
Polyline
CreateSolidBrush
CreatePenIndirect
SetDCPenColor
GetDCPenColor
GetDCBrushColor
SetDCBrushColor
EndPath
BeginPath
CreatePen
LPtoDP
PtInRegion
DPtoLP
FrameRgn
FillRgn
GetMapMode
GetWindowExtEx
GetViewportExtEx
GetRgnBox
OffsetRgn
CreateRoundRectRgn
Rectangle
DeleteObject
CreateFontIndirectW
GetObjectW
GetStockObject
GetCurrentObject
SetRectRgn
CreateBitmap
CreateDIBSection
CreateCompatibleDC
GetArcDirection
msimg32
TransparentBlt
AlphaBlend
comdlg32
CommDlgExtendedError
GetFileTitleW
winspool.drv
EnumFormsW
GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegOpenKeyA
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegOpenKeyW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueW
RegCloseKey
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
GetUserNameW
RegQueryValueExA
shell32
SHBrowseForFolderW
SHAppBarMessage
DragQueryFileW
DragFinish
SHGetSettings
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteW
ExtractIconW
DragAcceptFiles
SHGetDesktopFolder
SHGetMalloc
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHFileOperationW
ord165
ShellExecuteExW
SHGetPathFromIDListW
comctl32
ImageList_Destroy
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
InitCommonControlsEx
_TrackMouseEvent
ImageList_DrawEx
shlwapi
PathIsDirectoryW
PathStripToRootW
PathCombineW
PathAddExtensionW
SHDeleteKeyW
PathGetCharTypeW
PathCommonPrefixW
PathSearchAndQualifyW
PathRemoveBlanksW
PathCanonicalizeW
PathRelativePathToW
PathRemoveExtensionW
PathStripPathW
PathRenameExtensionW
SHSetValueW
PathRemoveFileSpecW
PathQuoteSpacesW
PathRemoveBackslashW
PathAddBackslashW
PathIsRelativeW
SHGetValueW
PathAppendW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoCreateGuid
oleaut32
VariantClear
SysAllocString
VariantInit
VariantChangeType
SysAllocStringByteLen
VariantCopy
SysAllocStringLen
SysFreeString
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
SysStringByteLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
winmm
timeGetSystemTime
PlaySoundW
timeGetTime
imagehlp
MakeSureDirectoryPathExists
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
Sections
.text Size: 4.7MB - Virtual size: 4.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.crypt Size: 18KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 766KB - Virtual size: 766KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 586KB - Virtual size: 586KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ