cb1855d744a0aa7e6873e33edd0b8f50_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

cb1855d744a0aa7e6873e33edd0b8f50_NeikiAnalytics
Size

440KB
MD5

cb1855d744a0aa7e6873e33edd0b8f50
SHA1

6e31d3324f9326463999c1152db9c8efe67ea314
SHA256

99f2aaf2e95d3c3b7d56097fdd845ed7bf6920e034eb9951ead745146fa908e3
SHA512

9dadb9cf782666e38ed48860d41345f57b8bae5b549c2de65bd35f49bfb73bec002114068910a1c00ab06ee0522978e5244dbd0534004fd94b3191461825bc17
SSDEEP

6144:pR+WVYpppKen9VDg4tHCtEkiBGK401q2HE0I67++++++++TK53d:g1HCD+9q2HE0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb1855d744a0aa7e6873e33edd0b8f50_NeikiAnalytics

Files

cb1855d744a0aa7e6873e33edd0b8f50_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

9715494534bbe6138226fd9ad5298507

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-crt-string-l1-1-0

isalpha
isalnum
strpbrk
strcmp
strlen
memset

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_aligned_free
_aligned_malloc

api-ms-win-crt-math-l1-1-0

sqrt
pow
ceil

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_wassert
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_initterm_e
_cexit
_initterm
_crt_atexit

msvcp140

_Mtx_destroy_in_situ
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
?_Xout_of_range@std@@YAXPEBD@Z
_Mtx_init_in_situ
_Query_perf_frequency
_Query_perf_counter
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1ios_base@std@@UEAA@XZ
??0ios_base@std@@IEAA@XZ
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_BADOFF@std@@3_JB
?good@ios_base@std@@QEBA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z

vcruntime140

__vcrt_InitializeCriticalSectionEx
__CxxFrameHandler3
__std_terminate
memmove
memcpy
__RTDynamicCast
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__C_specific_handler
memcmp
memchr
_purecall
_CxxThrowException

kernel32

GetCurrentProcessId
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
CreateFileW
WriteFile
ReadFile
GetLastError
PeekNamedPipe
CloseHandle

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf

Exports

Exports

AvisynthPluginInit3
svpGetVersion

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9715494534bbe6138226fd9ad5298507

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

msvcp140

vcruntime140

kernel32

api-ms-win-crt-stdio-l1-1-0

Exports

Exports

Sections

.text Size: 356KB - Virtual size: 355KB

.rodata Size: 6KB - Virtual size: 6KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 2KB - Virtual size: 2KB

.pdata Size: 13KB - Virtual size: 12KB

.gfids Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 400B

.text
Size: 356KB - Virtual size: 355KB

.rodata
Size: 6KB - Virtual size: 6KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 2KB - Virtual size: 2KB

.pdata
Size: 13KB - Virtual size: 12KB

.gfids
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 400B