69691475407b3c109340d1d179291b70_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

69691475407b3c109340d1d179291b70_NeikiAnalytics
Size

2.6MB
MD5

69691475407b3c109340d1d179291b70
SHA1

8c4a274b35f20821bd5092a6e560abc0c50b5849
SHA256

36242315d638d0f1fe940de70b75a2e627402b4c72024cd14ed46ce236398d46
SHA512

3c36e760c130b167e2e219d17c4ae5345af4a15c7fce91ef986e361bb5f886aab420cb33b892f8918bc3c5f748f95bf52c91a98855903b618fa4936548496784
SSDEEP

49152:aBocriI7t4LLCktlJy2Xb4+eSOyv9Pr5Z68j5JyExcOFPcNoiVkzYb6M/fSDS:6TriUqLLCktDy2L4+eGlPr5Z68j5Zxzl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69691475407b3c109340d1d179291b70_NeikiAnalytics

Files

69691475407b3c109340d1d179291b70_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

f7df3e6f5f596235e96c35604e60f79c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\coretech\source\springsteen\bravo\public\libraries\windows\release\dynamic\CoolType5MT\CoolType.pdb

Imports

kernel32

CreateEventA
GetVersionExA
SystemTimeToFileTime
GetSystemTime
ResetEvent
WaitForSingleObject
GetLastError
GetACP
InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
FileTimeToLocalFileTime
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
WriteFile
FlushFileBuffers
IsProcessorFeaturePresent
SetEvent
GetTimeZoneInformation
CompareStringA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
LocalAlloc
SetEndOfFile
SetEnvironmentVariableA
GetConsoleOutputCP
WriteConsoleA
GetFullPathNameA
GetDriveTypeA
SetCurrentDirectoryA
GetCurrentDirectoryA
IsValidLocale
GetSystemDefaultLCID
SetLastError
LoadLibraryA
FreeLibrary
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
GetTickCount
FindClose
lstrlenA
CreateFileA
GetPrivateProfileStringA
lstrcmpiA
GetModuleHandleA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemInfo
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
HeapReAlloc
HeapAlloc
SetStdHandle
GetFileType
DeleteFileA
GetCurrentThreadId
GetCommandLineA
HeapFree
GetProcessHeap
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
Sleep
HeapSize
SetConsoleCtrlHandler
GetStdHandle
SetHandleCount
GetStartupInfoA
FatalAppExitA
GetOEMCP
LCMapStringA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetTimeFormatA
GetDateFormatA
LocalFree

user32

DestroyWindow
GetDesktopWindow
RegisterClassA
DefWindowProcA
MessageBoxA
wsprintfA
ReleaseDC
GetDC
CreateWindowExA

gdi32

GetDeviceCaps
SetTextAlign
SetBkMode
GetBitmapBits
ExtTextOutA
GetTextExtentPointA
GetCharABCWidthsA
GetTextMetricsA
SetTextColor
SetBkColor
CreateBitmap
CreateCompatibleDC
DeleteDC
SelectObject
GetFontData
DeleteObject
PatBlt

advapi32

RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetMalloc

Exports

Exports

CTCleanup
CTGetVersion
CTInit

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 612KB - Virtual size: 609KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7df3e6f5f596235e96c35604e60f79c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 612KB - Virtual size: 609KB

.data Size: 96KB - Virtual size: 153KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 132KB - Virtual size: 128KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 612KB - Virtual size: 609KB

.data
Size: 96KB - Virtual size: 153KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 132KB - Virtual size: 128KB