43ec98d1c5350b48b41a4719b80e16f0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

43ec98d1c5350b48b41a4719b80e16f0_NeikiAnalytics
Size

272KB
MD5

43ec98d1c5350b48b41a4719b80e16f0
SHA1

7ffb4c7a96669ce2fec3656eb62244d5a690b65f
SHA256

47f935556e93ec3df6593c6287980de293dacf1e7d0d6902130c24ff30f3a036
SHA512

099e822c7fd2d1e135ee00c732060a428bfbd3ecb5c44ac6d3d26392c596b2f7918dabfce7c032ddcd1a9a972fb34fe7ae7be682e9f7de937ebf194c7761f45d
SSDEEP

6144:SJ19Qphw4f2Q7NXFXkh4yXtUsCsfLu+vDo:STyphD7NhyFZD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43ec98d1c5350b48b41a4719b80e16f0_NeikiAnalytics

Files

43ec98d1c5350b48b41a4719b80e16f0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

02bdf379ddc508a02b54491240474315

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

isgdi32

ord3100
ord2832
ord3103
ord3102
ord2770
ord113
ord3041
ord110
ord2831
ord111
ord114
ord3116
ord2721
ord2725
ord2730
ord3122
ord3104
ord2768
ord3101

kernel32

TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
TlsAlloc
TlsFree
ExitProcess
TlsSetValue
TlsGetValue
GetCurrentThreadId
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
RaiseException
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetTempFileNameA
GetTempPathA
GetACP
GetOEMCP
GlobalHandle
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
RtlUnwind
LCMapStringA
LCMapStringW
GetWindowsDirectoryA
GetModuleFileNameA
GetProfileStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalReAlloc
OpenFile
GetCPInfo
GetPrivateProfileIntA
GetEnvironmentVariableA
GetVersionExA
VirtualAlloc
SetFilePointer
FlushFileBuffers
SetStdHandle
CloseHandle
LocalAlloc
LocalLock
LocalUnlock
LocalFree
LocalHandle

user32

DispatchMessageA
DestroyWindow
GetActiveWindow
SetDlgItemTextA
GetWindowTextA
TranslateMessage
GetMessageA
GetParent
CheckRadioButton
IsDialogMessageA
GetDlgItem
ShowWindow
SetWindowTextA
EnableWindow
SetFocus
GetDlgItemTextA
EndDialog
DialogBoxParamA
SendMessageA
SendDlgItemMessageA
wsprintfA
LoadStringA

gdi32

GetDeviceCaps
CreateDCA
DeleteDC
SetMapMode
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SelectObject
GetTextMetricsA
CreateFontIndirectA
GetTextExtentPointA
DeleteObject
EnumFontFamiliesA
SetTextCharacterExtra

Exports

Exports

CreateSetup
DestroySetup
EditSetup
EscapeSetup
ExportCB
ExportGR
FontTblDlgProc
GetFilterInfo
GetFilterPref
IMSGetFilterVersion
NewProfileDlgProc
ProfileDlgProc
dd_entry
dd_entry32

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02bdf379ddc508a02b54491240474315

Headers

File Characteristics

Imports

isgdi32

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 198KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 43KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 200KB - Virtual size: 198KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 43KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 16KB - Virtual size: 13KB