c02cbf73fb6cb1db71ebd1ec8b617580_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

c02cbf73fb6cb1db71ebd1ec8b617580_NeikiAnalytics
Size

724KB
MD5

c02cbf73fb6cb1db71ebd1ec8b617580
SHA1

df8452c66dfd4395d44c41ee2ad565e60a180f1b
SHA256

b6a0d97c0f05848c23daac54c481292fe7d9a1c152636d25c56aeb2027847e47
SHA512

f52588402ec29479ecb4d80ca4e6ef69b26692f6deed682e121250e031f95d900fb38253412afcda34c36d5d6b94a1a7e57004bca899e8fc8a3d5416e7d91cc1
SSDEEP

12288:8dzcD/u+nr1uPCoXUOG3cjof6ni9Niw+HHOOsI/EBwTLLnOSTZLq:8dOG+r+Cm/Lw+nOOsIsBgLnOSTZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c02cbf73fb6cb1db71ebd1ec8b617580_NeikiAnalytics

Files

c02cbf73fb6cb1db71ebd1ec8b617580_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

2e07c92151279027cbef48d0d2d625be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\david\Desktop\eternal-master\cheat\x64\Release\Disshi.pdb

Imports

opengl32

glGenLists
wglGetCurrentDC
wglGetCurrentContext
wglUseFontBitmapsW
wglDeleteContext
glColor3f
glPolygonOffset
glDepthRange
glPixelStorei
glDrawElements
glColorPointer
glTexImage2D
glTexCoordPointer
glDeleteTextures
glTexParameteri
glScissor
glGenTextures
glBindTexture
glPolygonMode
glPopMatrix
glGetIntegerv
glPushAttrib
glOrtho
glGetFloatv
glVertex2d
glColor4ub
glVertex2f
wglCreateContext
glEdgeFlag
glLoadIdentity
glDisableClientState
glVertexPointer
glPopAttrib
glEnableClientState
glViewport
wglMakeCurrent
glPushMatrix
glDisable
glColor4f
glScalef
glVertex3d
glRotatef
glTranslatef
glBegin
glHint
glBlendFunc
glLineWidth
glTranslated
glMatrixMode
glEnd
glLoadMatrixf
glDepthMask
glEnable

kernel32

InitOnceComplete
InitOnceBeginInitialize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetConsoleWindow
FreeConsole
FreeLibraryAndExitThread
OpenThread
SetThreadContext
FlushInstructionCache
GetModuleHandleW
GetCurrentProcessId
GetThreadContext
HeapDestroy
HeapAlloc
CloseHandle
HeapReAlloc
Sleep
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
GetCurrentThreadId
Thread32First
Thread32Next
GetCurrentProcess
HeapFree
VirtualProtect
HeapCreate
VirtualQuery
GetSystemInfo
InitializeSListHead
GetTickCount64
GetTickCount
GetModuleHandleA
GetProcAddress
GetCurrentThread
GetCommandLineA
DisableThreadLibraryCalls
CreateThread
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualFree
VirtualAlloc

user32

GetWindowRect
GetDC
SetWindowLongPtrW
CallWindowProcA
GetCapture
ClientToScreen
IsChild
SetWindowLongPtrA
ShowWindow
GetKeyState
ScreenToClient
LoadCursorW
SetCapture
SetCursor
ReleaseCapture
FindWindowA
GetForegroundWindow
GetAsyncKeyState
GetClientRect
GetCursorPos
CloseClipboard
PostMessageW
GetWindowTextA
SetClipboardData
GetClipboardData
SetCursorPos
OpenClipboard
EmptyClipboard

gdi32

CreateFontA
SelectObject
ChoosePixelFormat
DeleteObject
SetPixelFormat

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Xtime_get_ticks
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Random_device@std@@YAIXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
_Query_perf_counter
_Thrd_sleep
_Query_perf_frequency

ws2_32

WSASend
WSARecv

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

xinput1_4

ord2
ord4

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
__current_exception_context
__current_exception
memset
strstr
memmove
__std_terminate
__std_exception_copy
__std_exception_destroy
memcpy
__C_specific_handler
memcmp
memchr

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
abort

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

strncpy
isalnum
strncmp
strcmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
fread
_wfopen
fwrite
fseek
fclose
fflush
ftell
__stdio_common_vsprintf
__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-math-l1-1-0

atan2f
sqrtf
ldexp
ceilf
atan2
pow
cosf
_hypotf
fmin
fmaxf
fminf
powf
sinf
floorf
fmodf
fmod
sqrt

api-ms-win-crt-convert-l1-1-0

atof
strtol

api-ms-win-crt-utility-l1-1-0

qsort

Sections

.text
Size: 555KB - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e07c92151279027cbef48d0d2d625be

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

kernel32

user32

gdi32

msvcp140

ws2_32

imm32

xinput1_4

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

Sections

.text Size: 555KB - Virtual size: 555KB

.rdata Size: 129KB - Virtual size: 129KB

.data Size: 15KB - Virtual size: 31KB

.pdata Size: 21KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1024B - Virtual size: 652B

.text
Size: 555KB - Virtual size: 555KB

.rdata
Size: 129KB - Virtual size: 129KB

.data
Size: 15KB - Virtual size: 31KB

.pdata
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1024B - Virtual size: 652B