76fd4f8c91f38a17677d554fceec53e0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

76fd4f8c91f38a17677d554fceec53e0_NeikiAnalytics
Size

1.5MB
MD5

76fd4f8c91f38a17677d554fceec53e0
SHA1

f7900a782c6c3e021ae983d09805259472d4c7d0
SHA256

dd468b754a3aae7bc789c3864d5a4d98069a0b10031eed444fa63b6d056bc880
SHA512

c8df7fc9bfbe0feb0490cf5dc157f135cab77b9ef0cced01bfcdde1d1ccafb3cb3b53302819cde800ee408cd86cae1809d55504a5b8a0eee9f3fd8aadfdd7fd1
SSDEEP

12288:oNk+1Z1Dqq6FggLbrQXbR7jqkf1Hm7tJc0FS3jicGWVSI7dMua43Ek0cIHAN4:oSSwq6LaRFdGJm0Q3WKVSwdr13Ek0VA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76fd4f8c91f38a17677d554fceec53e0_NeikiAnalytics

Files

76fd4f8c91f38a17677d554fceec53e0_NeikiAnalytics
.exe windows:5 windows x64 arch:x64

c5b066e7b66b8f616652cbb00dad7119

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\CheckPoints\TPDrv\builderSuperMan1\SynTPHelper\x64\Release\SynTPHelper.pdb

Imports

psapi

GetModuleFileNameExW
EnumProcessModules

kernel32

CreateFileW
GetFileAttributesW
SetPriorityClass
GetPriorityClass
IsWow64Process
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
WriteConsoleW
FlushFileBuffers
SetStdHandle
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
WriteFile
GetStartupInfoW
GetFileType
GetStdHandle
SetLastError
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
RtlUnwindEx
RtlLookupFunctionEntry
GetModuleHandleExW
GetModuleFileNameW
SetEndOfFile
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
RaiseException
TerminateProcess
GetCurrentProcess
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
LocalFree
DecodePointer
QueryDosDeviceW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExpandEnvironmentStringsW
LoadLibraryW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
FreeLibrary
OpenProcess
CreateThread
Sleep
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetLastError
RtlPcToFileHeader
EncodePointer
CloseHandle
ReadFile
ReadConsoleW

user32

SystemParametersInfoW
LoadBitmapW
GetWindowThreadProcessId
FindWindowW
GetCursorPos
ReleaseDC
GetDC
GetSystemMetrics
KillTimer
SetTimer
SendInput
BringWindowToTop
SetWindowPos
ShowWindow
IsWindow
CreateWindowExW
RegisterClassW
PostQuitMessage
DefWindowProcW
PostMessageW
SendNotifyMessageW
SendMessageTimeoutW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW

gdi32

GetObjectW
StretchBlt
SelectObject
GetDeviceCaps
CreateDCW
CreateCompatibleDC
DeleteDC

advapi32

RegCreateKeyW
RegCreateKeyExW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5b066e7b66b8f616652cbb00dad7119

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

psapi

kernel32

user32

gdi32

advapi32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 10KB - Virtual size: 19KB

.pdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 29KB - Virtual size: 28KB

.reloc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 10KB - Virtual size: 19KB

.pdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 1.3MB - Virtual size: 1.3MB