b150eaff3287a70b3d01a36ed593c4c0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b150eaff3287a70b3d01a36ed593c4c0_NeikiAnalytics
Size

4.2MB
MD5

b150eaff3287a70b3d01a36ed593c4c0
SHA1

e19717ba85f87bb5b039cb6b23a2bc990868f13f
SHA256

5a2df44b25ed1f2ce76e4caee618448caf9bc08642623c788d0c0ca5a539be19
SHA512

98e2f7f24d755257381941d7337a3a868ed4ebdca6369a59638cf4a9ae36152304f486c6f8bc40e549aeef2d721c6756e28207ae3a0b6bf16d81683ae1d09dc0
SSDEEP

49152:jzTQ1onqSZKo+gqSucPCQFcI2mBitn6b45bVW4b3qF5Q0bpm/frSlj01xBTVBli:vsczcIb6nFN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b150eaff3287a70b3d01a36ed593c4c0_NeikiAnalytics

Files

b150eaff3287a70b3d01a36ed593c4c0_NeikiAnalytics
.dll windows:5 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

CreatePlugInstance
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 59KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 189B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ