45bacfd1b545ee9266cf15ba10ef8990_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

45bacfd1b545ee9266cf15ba10ef8990_NeikiAnalytics
Size

724KB
MD5

45bacfd1b545ee9266cf15ba10ef8990
SHA1

d6cebb3de111aa5c5b3726ba2c24430c4e9d5a95
SHA256

253e4d97e244f9675ca77160dff330168ef85f2b33b9d61e2be025f7cfc5ca10
SHA512

6c79612e8370b31e992a43fe0700aa10659edba1f99ea054e2dd7ca42d16c253459177c45bca01a1cc6c0abc658a06c7a77c8687612cadc13c972df11d656bc1
SSDEEP

3072:CkNHoH/rn8i2AbQJHfaxC6A/r3nnxlUoOdt3vpm:zuH/giNbm/j3Odt/p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45bacfd1b545ee9266cf15ba10ef8990_NeikiAnalytics

Files

45bacfd1b545ee9266cf15ba10ef8990_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

e859fcd157d3eecf0160ae79277b0ee8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetProcAddress
GetCurrentProcess
GetProcessAffinityMask
CloseHandle
Sleep
GetModuleHandleA
GetCurrentThread
GetModuleFileNameA
GetTempPathA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
lstrlenA
LoadLibraryA
GetTempFileNameA
CopyFileA
FreeLibrary
SetThreadPriority
DeleteCriticalSection
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
SetEvent
WaitForSingleObject
CreateEventA
IsBadReadPtr
IsBadWritePtr
TerminateProcess
VirtualQuery
CreateThread
GetStringTypeW
GetStringTypeA
InterlockedDecrement
InitializeCriticalSection
RaiseException
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
IsBadCodePtr
SetUnhandledExceptionFilter
SetFilePointer
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapSize
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

LoadCursorA
ShowWindow
CreateWindowExA
RegisterClassExA
GetClassInfoA
DestroyWindow
UnregisterClassA
PostQuitMessage
DefWindowProcA
wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

CreateCNonrefdecInstance
CreateIFMTdec
CreateMSMTdec
CreateVideoDecoder
DecodeIFMT
DecodeMSMT
DecodeNonref
IsDllUsing
ReleaseCNonrefdecInstance
ReleaseIFMTdec
ReleaseMSMTdec
ResetCNonrefdecInstance
SetDeocderInstanceIndex

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 4KB - Virtual size: 528B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e859fcd157d3eecf0160ae79277b0ee8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Exports

Exports

Sections

.text Size: 568KB - Virtual size: 567KB

.text1 Size: 4KB - Virtual size: 528B

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 48KB - Virtual size: 4.5MB

.data1 Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 60KB - Virtual size: 56KB

.text
Size: 568KB - Virtual size: 567KB

.text1
Size: 4KB - Virtual size: 528B

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 48KB - Virtual size: 4.5MB

.data1
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 60KB - Virtual size: 56KB