1d29f5e898f3be864bfa7ed4d872f340_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

1d29f5e898f3be864bfa7ed4d872f340_NeikiAnalytics
Size

1.6MB
MD5

1d29f5e898f3be864bfa7ed4d872f340
SHA1

ebd2f99bd6b9c8ddb2585a15c999e91a6184d6a7
SHA256

0413cd80b433c9451a0fb9e6c5eaffbf2066991384ca8c2b61da8720ce8b176a
SHA512

82deff382c61adc25507f3f7cc57e1f01b63bc5bca265b6d0b7d99d79519d5ffa8d733a8cb74251f561e8bbe54502a60d4dad520c68b1dfa62e73b59e50a8c31
SSDEEP

24576:JtCjrgqkEkximZbpM87gH9V01aeO/JrmwSwoopool6fECFlIHlhuRWtGE:JtCXgqy3ZbpjgHn01CnS14GWl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d29f5e898f3be864bfa7ed4d872f340_NeikiAnalytics

Files

1d29f5e898f3be864bfa7ed4d872f340_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

4ae2e7523249f9fd0a780f033456f22a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ACE.pdb

Imports

kernel32

GetSystemTimeAsFileTime
CloseHandle
WaitForSingleObject
CreateThread
ReleaseSemaphore
CreateSemaphoreA
GetSystemTime
GetModuleFileNameW
SystemTimeToFileTime
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
GlobalMemoryStatus
GetProfileStringA
CreateDirectoryW
MultiByteToWideChar
CreateFileW
DeleteFileW
GetCurrentProcessId
FindFirstFileW
FindNextFileW
GetFileAttributesW
ReadFile
SetFilePointerEx
WriteFile
GetLastError
MoveFileExW
FileTimeToSystemTime
WideCharToMultiByte
IsValidCodePage
GetACP
Sleep
GetCurrentProcess
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThreadId
QueryPerformanceCounter
GetProcAddress
GetModuleHandleA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
VerifyVersionInfoW
GetSystemInfo
IsProcessorFeaturePresent
FindClose
VerSetConditionMask
IsDebuggerPresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead

user32

LoadStringA

gdi32

GetICMProfileW
DeleteDC
CreateDCW
CreateDCA

advapi32

RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA

shell32

SHGetFolderPathW

ole32

CoCreateInstance

msvcp140

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

vcruntime140

__current_exception
strstr
_except_handler4_common
__std_type_info_destroy_list
_CxxThrowException
memcmp
wcsstr
_purecall
memmove
__current_exception_context
__std_exception_destroy
__std_exception_copy
memset
memcpy
__RTDynamicCast
__std_terminate
__CxxFrameHandler3

api-ms-win-crt-math-l1-1-0

fabs
pow
log10
log2
sqrt
log
_fdsign

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_initterm_e
_invalid_parameter_noinfo
_errno
_initterm
terminate
_cexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
_execute_onexit_table
_crt_atexit

api-ms-win-crt-string-l1-1-0

strncpy
strncmp
strcat
wcstok_s
wcscmp
strcmp
strlen
strnlen
towupper
strcpy

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf_s
__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

_callnewh
realloc
malloc
free

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

ACEGetVersion
ACEHasFeature
ACEInitDelayed
ACEInitialize
ACEInitializeEx
ACETerminate

Sections

.text
Size: 850KB - Virtual size: 850KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 531KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ae2e7523249f9fd0a780f033456f22a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcp140

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

Exports

Exports

Sections

.text Size: 850KB - Virtual size: 850KB

.rdata Size: 250KB - Virtual size: 249KB

.data Size: 7KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 531KB - Virtual size: 532KB

.text
Size: 850KB - Virtual size: 850KB

.rdata
Size: 250KB - Virtual size: 249KB

.data
Size: 7KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 531KB - Virtual size: 532KB