eea66ddc6f0a0f06fc5ca51dcbdfa0a0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

eea66ddc6f0a0f06fc5ca51dcbdfa0a0_NeikiAnalytics
Size

232KB
MD5

eea66ddc6f0a0f06fc5ca51dcbdfa0a0
SHA1

2691aa58262156a85cb6a09d6fbb8fab72518d15
SHA256

c36d88e4d4dabc1c3ebbfb3d818f91e61c27c912a543e563d7c051907230b7d6
SHA512

0a07766b3d6c11067b0b4fe8769badb28a350e0c70ea69191b9c6d2b1e893e6022e941a6360ae1ccaa515932ac916abf56a64fa44dcd4e30722805610e5645f8
SSDEEP

3072:HjEa79KuM21MhwbCbQWvu0ZQlj2kNorE7:xJKV21MhoCbQWvubp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eea66ddc6f0a0f06fc5ca51dcbdfa0a0_NeikiAnalytics

Files

eea66ddc6f0a0f06fc5ca51dcbdfa0a0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

34e300a358884b28f4f5c7287d81d929

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
SetLastError
GetTickCount
ReadFile
WriteFile
GetProcAddress
LoadLibraryA
CloseHandle
CreateFileA
SetFilePointer
FreeLibrary
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetLocalTime
WideCharToMultiByte
GetTimeZoneInformation
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
RtlUnwind
HeapAlloc
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
HeapFree
VirtualFree
VirtualAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThread
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
Sleep
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
GetLocaleInfoW

Exports

Exports

ExecuteCommand
GetVBHandle
ScanLECC

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34e300a358884b28f4f5c7287d81d929

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 27KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 27KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 7KB