241a76022d7184c5296bf807f9305a20_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

241a76022d7184c5296bf807f9305a20_NeikiAnalytics
Size

6KB
MD5

241a76022d7184c5296bf807f9305a20
SHA1

f6692a105a1741bd3a0107aff747fc7ac6413923
SHA256

b077a5ebe0388b44abda5981a501c6d04354e09fd4d71b8dc3acf20a030e16f3
SHA512

6f7d1d34a35e0250d90977dab1c61b18c5b2198d62419d0d685f36c69b67032e0e27c5d7260ba4db842bca13a062ea542296dcdc90eeb9c87fab045c9b0132b1
SSDEEP

48:CuDO/Cn1rOxaS45wxYm2pt5g+iwdEsuFKJg0SZfVYBg0boFEAFB/0cgQtgyqmCgS:7iMrFS8cgZ0aEbUSZ9YBg3TayqmU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
241a76022d7184c5296bf807f9305a20_NeikiAnalytics

Files

241a76022d7184c5296bf807f9305a20_NeikiAnalytics
.dll windows:4 windows x64 arch:x64

8756a1c62a8080594fb5309b217184b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Dev\Temp\builds\mod_perl-2.0.10\blib\arch\auto\Apache2\FilterRec\FilterRec.pdb

Imports

perl526

Perl_croak_xs_usage
Perl_sv_newmortal
Perl_sv_2iv_flags
Perl_sv_derived_from
Perl_mg_set
Perl_xs_boot_epilog
Perl_croak_nocontext
Perl_newXS_deffile
Perl_sv_setpv
Perl_xs_handshake

msvcrt

malloc
free
_initterm

kernel32

DisableThreadLibraryCalls
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

Exports

Exports

boot_Apache2__FilterRec

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ