4448b5f09cbc09ce66b1ee58fab9fe20_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

4448b5f09cbc09ce66b1ee58fab9fe20_NeikiAnalytics
Size

3.2MB
MD5

4448b5f09cbc09ce66b1ee58fab9fe20
SHA1

bb28bb146054ab9f8853794667b20b1b5bc37a56
SHA256

31a7e45e66229f21270d2a6dcac81b1d1c3adcf2fe39ea8eab4f3437b2d60fe9
SHA512

23b4ff0217df974a0b0a4f03ff9bacec89c785b6e97a8521078448be82c27d368d02e4576cafdda91610bf3feef60b834cc4417e02d485c562c615def9285f7b
SSDEEP

49152:nL78oY/B1m5K4oGaqfQPmGqbCtI4lMJoWqWaHFClAe1GslmlpemeTO/0R+t+k+kN:L7rD5u1vquI4vDo7aS6OiP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4448b5f09cbc09ce66b1ee58fab9fe20_NeikiAnalytics

Files

4448b5f09cbc09ce66b1ee58fab9fe20_NeikiAnalytics
.exe windows:4 windows x64 arch:x64

da40db0d220c1fab865ff4c6e874e026

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libgcc_s_seh-1

_Unwind_Resume
__emutls_get_address

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_initterm
_lock
_onexit
_time64
_unlock
abort
atof
atoi
calloc
clock
exit
fclose
fflush
fopen
fprintf
fputc
fread
free
fwrite
getenv
isalnum
isspace
localeconv
malloc
memcmp
memcpy
memmove
memset
raise
realloc
signal
strchr
strcmp
strerror
strlen
strncmp
strstr
strtoul
tolower
vfprintf
wcslen

libwinpthread-1

pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock

libstdc++-6

_ZNKSt11logic_error4whatEv
_ZNKSt13runtime_error4whatEv
_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNKSt6locale2id5_M_idEv
_ZNKSt6localeeqERKS_
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEPKcyy
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEcy
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5rfindEPKcyy
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareEPKc
_ZNKSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEE3strEv
_ZNKSt8__detail20_Prime_rehash_policy11_M_next_bktEy
_ZNKSt8__detail20_Prime_rehash_policy14_M_need_rehashEyyy
_ZNKSt9exception4whatEv
_ZNKSt9type_infoeqERKS_
_ZNSi10_M_extractIdEERSiRT_
_ZNSi10_M_extractIfEERSiRT_
_ZNSi10_M_extractIjEERSiRT_
_ZNSi10_M_extractIlEERSiRT_
_ZNSi10_M_extractItEERSiRT_
_ZNSi10_M_extractIyEERSiRT_
_ZNSi3getERc
_ZNSi4readEPcx
_ZNSi5seekgExSt12_Ios_Seekdir
_ZNSi5ungetEv
_ZNSi6ignoreExi
_ZNSi7putbackEc
_ZNSirsERi
_ZNSirsERs
_ZNSo3putEc
_ZNSo5flushEv
_ZNSo5writeEPKcx
_ZNSo9_M_insertIbEERSoT_
_ZNSo9_M_insertIdEERSoT_
_ZNSo9_M_insertImEERSoT_
_ZNSo9_M_insertIxEERSoT_
_ZNSo9_M_insertIyEERSoT_
_ZNSolsEi
_ZNSolsEs
_ZNSt11logic_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNSt11logic_errorD2Ev
_ZNSt11range_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNSt11range_errorD2Ev
_ZNSt11regex_errorD1Ev
_ZNSt12__basic_fileIcED1Ev
_ZNSt13basic_filebufIcSt11char_traitsIcEE5closeEv
_ZNSt13runtime_errorC2EPKc
_ZNSt14basic_ifstreamIcSt11char_traitsIcEEC1ERKNSt7__cxx1112basic_stringIcS1_SaIcEEESt13_Ios_Openmode
_ZNSt14basic_ifstreamIcSt11char_traitsIcEED1Ev
_ZNSt14basic_ofstreamIcSt11char_traitsIcEEC1ERKNSt7__cxx1112basic_stringIcS1_SaIcEEESt13_Ios_Openmode
_ZNSt14basic_ofstreamIcSt11char_traitsIcEED1Ev
_ZNSt5ctypeIcE2idE
_ZNSt6chrono3_V212steady_clock3nowEv
_ZNSt6locale7classicEv
_ZNSt6localeC1ERKS_
_ZNSt6localeC1Ev
_ZNSt6localeD1Ev
_ZNSt6localeaSERKS_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEyyPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_M_constructEyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE14_M_replace_auxEyyyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6assignEPKc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERyy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_mutateEyyPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9push_backEc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEaSEOS4_
_ZNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEE7_M_syncEPcyy
_ZNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEEC1ESt13_Ios_Openmode
_ZNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEC1ERKNS_12basic_stringIcS2_S3_EESt13_Ios_Openmode
_ZNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEC1ESt13_Ios_Openmode
_ZNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEEC1ESt13_Ios_Openmode
_ZNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt8__detail15_List_node_base7_M_hookEPS0_
_ZNSt8__detail15_List_node_base9_M_unhookEv
_ZNSt8bad_castD2Ev
_ZNSt8ios_base13_M_grow_wordsEib
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZNSt8ios_base6xallocEv
_ZNSt8ios_baseC2Ev
_ZNSt8ios_baseD2Ev
_ZNSt9bad_allocD1Ev
_ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E
_ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate
_ZNSt9exceptionD2Ev
_ZSt11_Hash_bytesPKvyy
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_x
_ZSt16__throw_bad_castv
_ZSt17__throw_bad_allocv
_ZSt18_Rb_tree_decrementPKSt18_Rb_tree_node_base
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base
_ZSt19__throw_logic_errorPKc
_ZSt19__throw_regex_errorNSt15regex_constants10error_typeE
_ZSt20__throw_length_errorPKc
_ZSt20__throw_out_of_rangePKc
_ZSt20__throw_system_errori
_ZSt24__throw_invalid_argumentPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt25__throw_bad_function_callv
_ZSt28_Rb_tree_rebalance_for_erasePSt18_Rb_tree_node_baseRS_
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZSt4cerr
_ZSt4cout
_ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_
_ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RNSt7__cxx1112basic_stringIS4_S5_T1_EE
_ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RNSt7__cxx1112basic_stringIS4_S5_T1_EES4_
_ZSt9use_facetINSt7__cxx117collateIcEEERKT_RKSt6locale
_ZSt9use_facetINSt7__cxx118numpunctIcEEERKT_RKSt6locale
_ZSt9use_facetISt5ctypeIcEERKT_RKSt6locale
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZStrsIcSt11char_traitsIcEERSt13basic_istreamIT_T0_ES6_RS3_
_ZStrsIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RNSt7__cxx1112basic_stringIS4_S5_T1_EE
_ZTIb
_ZTIi
_ZTIy
_ZTTNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEEE
_ZTTNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEE
_ZTTSt14basic_ifstreamIcSt11char_traitsIcEE
_ZTTSt14basic_ofstreamIcSt11char_traitsIcEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEEE
_ZTVNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEEE
_ZTVNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEE
_ZTVSt11regex_error
_ZTVSt13basic_filebufIcSt11char_traitsIcEE
_ZTVSt14basic_ifstreamIcSt11char_traitsIcEE
_ZTVSt14basic_ofstreamIcSt11char_traitsIcEE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt9bad_alloc
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZdaPv
_ZdlPv
_ZdlPvy
_Znay
_Znwy
__cxa_allocate_exception
__cxa_bad_cast
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_pure_virtual
__cxa_rethrow
__cxa_throw
__cxa_throw_bad_array_new_length
__dynamic_cast
__gxx_personality_seh0

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da40db0d220c1fab865ff4c6e874e026

Headers

File Characteristics

Imports

libgcc_s_seh-1

kernel32

msvcrt

libwinpthread-1

libstdc++-6

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 79KB - Virtual size: 78KB

.pdata Size: 25KB - Virtual size: 25KB

.xdata Size: 58KB - Virtual size: 57KB

.bss Size: - Virtual size: 5KB

.idata Size: 13KB - Virtual size: 12KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

/4 Size: 512B - Virtual size: 80B

/19 Size: 8KB - Virtual size: 7KB

/31 Size: 512B - Virtual size: 329B

/45 Size: 1024B - Virtual size: 546B

/57 Size: 512B - Virtual size: 72B

/70 Size: 512B - Virtual size: 155B

.text
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 79KB - Virtual size: 78KB

.pdata
Size: 25KB - Virtual size: 25KB

.xdata
Size: 58KB - Virtual size: 57KB

.bss
Size: - Virtual size: 5KB

.idata
Size: 13KB - Virtual size: 12KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

/4
Size: 512B - Virtual size: 80B

/19
Size: 8KB - Virtual size: 7KB

/31
Size: 512B - Virtual size: 329B

/45
Size: 1024B - Virtual size: 546B

/57
Size: 512B - Virtual size: 72B

/70
Size: 512B - Virtual size: 155B