5851afe1419921e3b06dc8eab4f1c250_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

5851afe1419921e3b06dc8eab4f1c250_NeikiAnalytics
Size

328KB
MD5

5851afe1419921e3b06dc8eab4f1c250
SHA1

071d9f99e5597420cefc1d321ae82625956445c6
SHA256

361053470dbe18d8ebdeea7818b543e6ffb032250a3fb30bd302d1b125097bb1
SHA512

e63428d4a92f9e88fcaab83fb16bf5809d668281e03133fdae04e86448c702db6af6f64f948f42579b42df5c47ae764449c16464d4d899c26d058a4c89749a09
SSDEEP

6144:p57DoshDtxBookOfnjZBBV+UdvrEFp7hK2n:p53osh5xeokO/jXBjvrEH7x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5851afe1419921e3b06dc8eab4f1c250_NeikiAnalytics

Files

5851afe1419921e3b06dc8eab4f1c250_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

f6d5f8fd8e2ea1e3d5f02c3578ebf77a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentVariableA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
IsBadWritePtr
IsBadReadPtr
HeapValidate
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
SetConsoleCtrlHandler
InitializeCriticalSection
FatalAppExitA
UnhandledExceptionFilter
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
Sleep
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

getDay
getDayName
getMonth
getYear

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6d5f8fd8e2ea1e3d5f02c3578ebf77a

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 24KB - Virtual size: 26KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 24KB - Virtual size: 26KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 6KB