aad749e364d0dac8e7d821927c9964d0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

aad749e364d0dac8e7d821927c9964d0_NeikiAnalytics
Size

83KB
MD5

aad749e364d0dac8e7d821927c9964d0
SHA1

718deae244529a387deb3f024aa01ce35c6b0c0a
SHA256

e38ba0598990bb47315fc54caa41a6e513fe914c4ca4ddfc1683cd8cfceb547f
SHA512

2732d83277d91a1a4b7b6e7e2e65cccd6d023fd45fb4fcd3eafe4d6cdad7cfa1e2380e7ee43cbcf35aa302b756dac7bef046e5f1cf20d5a466a617d6643f66b9
SSDEEP

768:EC+1BUMqG65QeUzvk/3Xb6q4CbO4t3lEWatgCUEURyaz2rVfeVa4/jqNMXHdCCms:UqAFo/x4OiWaZU35BkH8qveWKp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aad749e364d0dac8e7d821927c9964d0_NeikiAnalytics

Files

aad749e364d0dac8e7d821927c9964d0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

25828e2e13ec93e02214180a861de3a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
EnumCalendarInfoA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FindResourceA
FindResourceExA
FormatMessageA
FreeLibrary
FreeResource
GetCommandLineA
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadLocale
GetThreadPriority
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
ReadFile
ResetEvent
ResumeThread
SetEvent
SetFilePointer
SetLastError
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerA
CharLowerBuffA
CharLowerBuffW
CharUpperA
CharUpperBuffA
CharUpperBuffW
GetSystemMetrics
MessageBeep
MessageBoxA

Exports

Exports

Compress
CompressedSize
Decompress
DecompressedSize
P$BSCT_DLL_COMPRESS$POINTER$POINTER$WORD$$WORD
P$BSCT_DLL_COMPRESSEDSIZE$POINTER$$WORD
P$BSCT_DLL_DECOMPRESS$POINTER$POINTER$$WORD
P$BSCT_DLL_DECOMPRESSEDSIZE$POINTER$$WORD

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25828e2e13ec93e02214180a861de3a9

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 13KB - Virtual size: 12KB

.bss Size: - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 4B

.idata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 368B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 13KB - Virtual size: 12KB

.bss
Size: - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 4B

.idata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 368B

.reloc
Size: 5KB - Virtual size: 4KB