58e27eea2b75b4b52dd045f4d2b7aa60_NeikiAnalytics

General

Target

58e27eea2b75b4b52dd045f4d2b7aa60_NeikiAnalytics
Size

2.8MB
MD5

58e27eea2b75b4b52dd045f4d2b7aa60
SHA1

319f4630b3ba61d1db6f5c1e7897d074cf129c5b
SHA256

4c899508474767fc28d844b890bdf985c5e136baf71d554b70b103e28dd078c8
SHA512

ece0de2dc4bf14e6e073f9d8c88f92cc8614dfd6a300573923edff663fbad822447c4750d775490344cce240b5b4a1c4acdf0163ab02ee6726c68ea57793eec3
SSDEEP

49152:Sohjh2RjJRi21hQjZKq+FIBIvxY5bzfJE71t:Soh9WjJRis48qOclz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58e27eea2b75b4b52dd045f4d2b7aa60_NeikiAnalytics

Files

58e27eea2b75b4b52dd045f4d2b7aa60_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

73664eea5130acf61b30c4c29a161b64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
HeapSize
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
RaiseException
RtlUnwind
InterlockedDecrement
GetCommandLineA
GetCurrentThreadId
GetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetModuleFileNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
InterlockedIncrement
GetStdHandle
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileType
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExW
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
LoadLibraryW
GetStringTypeW
LCMapStringW
SetFilePointerEx

Exports

Exports

_IwAppEntry
_IwAppVersionMajor
_IwAppVersionMinor

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 678KB - Virtual size: 677KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73664eea5130acf61b30c4c29a161b64

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 678KB - Virtual size: 677KB

.data Size: 71KB - Virtual size: 217KB

STLPORT_ Size: 512B - Virtual size: 32B

.reloc Size: 137KB - Virtual size: 137KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 678KB - Virtual size: 677KB

.data
Size: 71KB - Virtual size: 217KB

STLPORT_
Size: 512B - Virtual size: 32B

.reloc
Size: 137KB - Virtual size: 137KB