150fc9ed04fdf990a7bcdc9bd67b3ab0_NeikiAnalytics

General

Target

150fc9ed04fdf990a7bcdc9bd67b3ab0_NeikiAnalytics
Size

23KB
MD5

150fc9ed04fdf990a7bcdc9bd67b3ab0
SHA1

2aa6a5fc17482f4b785631731333c33b5ae8c8ce
SHA256

dadb650d0ee95b3620fe3b43dd458272f71e070ef2945f817c56d962adff62d9
SHA512

afbbf04ca5c7ab405c948986e1d1a7507c2fe74fa1678179653ef969785d379dfbd9e26d65f6d08680e1bf29c5145477a726428f60daf0df915da314ae249323
SSDEEP

384:Y67JiQg8rVHEJaqGluVPgS2nIOEQoKuh3Jgk2srmakrXlu/8MBWrihr:Y6zFa9NVPg1IOENckLtEqkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
150fc9ed04fdf990a7bcdc9bd67b3ab0_NeikiAnalytics

Files

150fc9ed04fdf990a7bcdc9bd67b3ab0_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

ba547c954e5f5f661fad41f026122bbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm_e
_execute_onexit_table
_cexit
_initterm

Exports

Exports

PyInit__blake2b_cffi
_cffi_pypyinit__blake2b_cffi

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba547c954e5f5f661fad41f026122bbf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 528B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 140B

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 528B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 140B