5886d9715edffdf53e81208131ff5330_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

5886d9715edffdf53e81208131ff5330_NeikiAnalytics
Size

579KB
MD5

5886d9715edffdf53e81208131ff5330
SHA1

44c53b5e97bcad5d437252e00460a77ddbee3300
SHA256

be826f5c43f6f463a2276301293b406b06bbf8209cf500b8d4b04e4b4def2391
SHA512

8f9b8334cf4b174376dbf40ad2194c7f2af082174fc6fe5183ff87d828a238a82fc123c36bad7707fe6acfb169aac191d9905d0cb9212f3fe1a460814212ed76
SSDEEP

12288:j6DrWPOD2GSkB32PQS2YxHURpKVbbesEiznMf2het:j6aOyfkB36QS2Y9URYzna2het

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5886d9715edffdf53e81208131ff5330_NeikiAnalytics

Files

5886d9715edffdf53e81208131ff5330_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

8785ccdf28d025e5a0cad12b5725549f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexA
GetCurrentProcessId
FindClose
FindFirstFileA
FindNextFileA
GetProcAddress
WaitForSingleObject
ReleaseMutex
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetModuleHandleA
GetTickCount
LoadLibraryA
FreeLibrary
IsDBCSLeadByte
GetModuleFileNameA
GetStartupInfoA
CreateProcessA
InterlockedExchange
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CreateDirectoryA
CopyFileA
SetFilePointer
WriteFile
ReadFile
GetFileSize
CloseHandle
CreateFileA
FindResourceA
SizeofResource
GetLastError
GetVersionExA
ExitProcess
SetStdHandle
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
OpenMutexA
IsBadReadPtr
IsBadWritePtr
OpenFileMappingA
Sleep
GetLocalTime
GetSystemTime
GetCurrentProcess
CallNamedPipeA
GetSystemDirectoryA
SetLastError
MoveFileA
DeviceIoControl
GetDriveTypeA
WideCharToMultiByte
MultiByteToWideChar
ResumeThread
GetExitCodeProcess
GetComputerNameA
GetSystemInfo
CreateThread
CreateEventA
SetEvent
OpenEventA
WaitForMultipleObjects
FlushFileBuffers
GetWindowsDirectoryA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
HeapFree
RaiseException
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
IsBadCodePtr

user32

KillTimer
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
EndDialog
SetTimer
GetDlgItem
DialogBoxParamA
wsprintfA
LoadStringA
MessageBoxA
SetWindowTextA

advapi32

RegDeleteKeyA
RegCloseKey
RegQueryValueExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
QueryServiceStatus
RegEnumValueA
RegOpenKeyExA

ole32

CoCreateGuid

Exports

Exports

?ExtractSupportFiles@CAuthAPI@@EAEKXZ
?GetConfigObKey1@CLicenceAPI@@UAEHPAK@Z
?GetLicenceNumber@CLicenceAPI@@UAEKXZ
?KeyTransforms@CAuthAPI@@EAEKXZ
?RunCustomApi@CAuthAPI@@UAEKXZ
Ox12345678

Sections

.text
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DIAG_SH
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8785ccdf28d025e5a0cad12b5725549f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 453KB - Virtual size: 453KB

.txt2 Size: 5KB - Virtual size: 5KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 57KB - Virtual size: 68KB

.DIAG_SH Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 864B

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 453KB - Virtual size: 453KB

.txt2
Size: 5KB - Virtual size: 5KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 57KB - Virtual size: 68KB

.DIAG_SH
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 22KB - Virtual size: 22KB