a14ca3e45ae344e15d1937a091794350_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

a14ca3e45ae344e15d1937a091794350_NeikiAnalytics
Size

537KB
MD5

a14ca3e45ae344e15d1937a091794350
SHA1

d652413b651098829ea6b02e65468b7b3607fe90
SHA256

4c42ca2d82e02b83fe3051a2368cdaf0f3d9f28b95e3993fcfd62a52464c729a
SHA512

198d69a73cc42df1b0791f3733def077ba4885b99a73c23ca26722f97ff5d28d788d8b90265eca8b718ef7001ab73631ece8733c01359b063c12c69c32e86372
SSDEEP

6144:ygbs8KzmiFBv+xx3ZhzPr0s2qx2IsFmGGg0OvUmCyMtcseGZuFFZ/SnLqSuVxe:yhCiax3ZhzgsdqpkmLMXnZIZ/UVuVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a14ca3e45ae344e15d1937a091794350_NeikiAnalytics

Files

a14ca3e45ae344e15d1937a091794350_NeikiAnalytics
.dll windows:5 windows x86 arch:x86

b44792cb70544cf4b21038e0ef8a8ee9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bjml

PK11_Authenticate
PK11_CreateContextBySymKey
PK11_DigestBegin
PK11_SetPasswordFunc
NSS_Shutdown
PR_GetError
PK11_DigestOp
PK11_DigestFinal
NSS_Init
PK11_FreeSlot
PK11_FreeSymKey
PK11_ListFixedKeysInSlot
PK11_DestroyContext
PR_Init
PK11_GetInternalKeySlot
PORT_Strdup

ws2_32

send
recv
closesocket
socket
htonl
htons
setsockopt
WSACleanup
gethostbyname
gethostname
WSAStartup
WSAGetLastError
connect
inet_addr

kernel32

ExitThread
CreateThread
GetTimeFormatW
GetDateFormatW
InitializeCriticalSectionAndSpinCount
MoveFileW
OutputDebugStringW
AllocConsole
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
FormatMessageA
LocalFree
GetModuleHandleA
GetModuleFileNameA
GetCommandLineA
GetEnvironmentVariableA
CreateFileA
HeapAlloc
HeapFree
GetProcessHeap
GetLastError
CloseHandle
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
GetCPInfo
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetLocaleInfoW
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
FreeLibrary
LoadLibraryW
SetStdHandle
WriteConsoleW
SetEndOfFile
GetTimeZoneInformation
CreateFileW
CompareStringW
SetEnvironmentVariableA
GetStringTypeExA
LCMapStringA
LoadLibraryA
DeleteFileW

user32

LoadStringA

advapi32

RegSetValueExW
CopySid
GetLengthSid
GetTokenInformation
ReportEventW
RegisterEventSourceW
RegCloseKey
RegCreateKeyExW
DeregisterEventSource
OpenProcessToken

shell32

SHGetSpecialFolderPathA

Exports

Exports

SecurityCode_GenerateCode
SecurityCode_GetLastError
SecurityCode_Initialise

Sections

.text
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b44792cb70544cf4b21038e0ef8a8ee9

Headers

DLL Characteristics

File Characteristics

Imports

bjml

ws2_32

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 401KB - Virtual size: 400KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 15KB - Virtual size: 25KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 39KB - Virtual size: 39KB

.text
Size: 401KB - Virtual size: 400KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 15KB - Virtual size: 25KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 39KB - Virtual size: 39KB