235361bbd9d28e7bec861ad7024981a0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

235361bbd9d28e7bec861ad7024981a0_NeikiAnalytics
Size

202KB
MD5

235361bbd9d28e7bec861ad7024981a0
SHA1

dd2ac6be1a6dbbcef322fc36fbdb16471dd12ccb
SHA256

ca7d73c17949a9f93862cb81f7f57f56c9087e70ab84a6f884446d48ce56c084
SHA512

11e6763d92718ededacac5d3743e2bd5d2e3d3a6354919bafd87899b0e7ece2a40aef6846416b68af3b804afacdb205acd9ee7eb5143fff5248ab71055275509
SSDEEP

3072:DZ9dGBHNTVp2qG1jI1MbcYlmx8qhKGXnGV5b7MPvYQfGwlxFpn1vI2Lx2meCu1y/:FGBHYRgj+iXyM4IGeJhsmKMIqTYQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
235361bbd9d28e7bec861ad7024981a0_NeikiAnalytics

Files

235361bbd9d28e7bec861ad7024981a0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

f4f71f9e72b0d1063528989ca1132e56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

pow
cos
rand
sin
log
strlen
strncmp
memchr
strcmp
??3@YAXPAX@Z
memset
strcpy
sqrt
free
_adjust_fdiv
_initterm
floor
calloc
_CIpow
fabs
??2@YAPAXI@Z
isalnum
sprintf
strncpy
srand
realloc
malloc
memmove
ceil
memcpy
exp
_purecall

kernel32

FlushInstructionCache
SetLastError
GetSystemInfo
VirtualAlloc
VirtualProtect
DeviceIoControl
CloseHandle
CreateFileA
SetPriorityClass
GetCurrentProcess
GetVersionExA
DisableThreadLibraryCalls
MulDiv
HeapAlloc
GetProcessHeap
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
lstrlenA
GetModuleFileNameA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapFree
GetVersion

iphlpapi

GetAdaptersInfo

user32

RemovePropA
SetPropA
GetClientRect
GetWindowLongA
FillRect
GetSysColor
DrawFrameControl
SetRect
GetSystemMetrics
GetSysColorBrush
DrawEdge
GetWindowRect
GetParent
OffsetRect
GetWindowDC
ReleaseDC
CopyRect
MapWindowPoints
CallWindowProcA
PtInRect
SetCapture
SetTimer
KillTimer
ReleaseCapture
GetMessagePos
ScreenToClient
GetCursorPos
ShowScrollBar
SetWindowLongA
SetScrollInfo
SetScrollPos
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
SendMessageA
SetWindowPos
GetPropA
MessageBoxA
SetScrollRange

gdi32

ExtTextOutA
CreatePatternBrush
SetBrushOrgEx
PatBlt
CreateCompatibleDC
CreateBitmap
UnrealizeObject
SelectObject
CreateCompatibleBitmap
SetBkColor
BitBlt
GetStockObject
SetTextColor
DeleteObject
DeleteDC

Exports

Exports

_resetstkoflw
_set_security_error_handler
lrand48
srand48
ttpcomm_getversion

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4f71f9e72b0d1063528989ca1132e56

Headers

File Characteristics

Imports

msvcrt

kernel32

iphlpapi

user32

gdi32

Exports

Exports

Sections

.text Size: 145KB - Virtual size: 144KB

text Size: 512B - Virtual size: 119B

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 26KB - Virtual size: 150KB

.tls Size: 512B - Virtual size: 28B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 145KB - Virtual size: 144KB

text
Size: 512B - Virtual size: 119B

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 26KB - Virtual size: 150KB

.tls
Size: 512B - Virtual size: 28B

.reloc
Size: 8KB - Virtual size: 8KB