76b504a4e1d74d58d78513c7811be620_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

76b504a4e1d74d58d78513c7811be620_NeikiAnalytics
Size

101KB
MD5

76b504a4e1d74d58d78513c7811be620
SHA1

17776aa87c323d25350201cd8c48c5266f9fd0d5
SHA256

364aef52793fcd9068b305ceda4efa4d00b0964459cf8d6e13bbb9e8e1c76d26
SHA512

703da89ff99a07cae2f602120b0098e5d1852db4e76bd0a36e6b7d56802c762af5943e9a271172eb8d56dea5dd2f96c7872f4988e7d2da0c35db8838264c7456
SSDEEP

3072:hu+6Jh0f6+r3usbl1Zg9NnTFcYVADzQMERpKbVUVcDULuLyGs8F:UYS0BLSBKDzQNuLy0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76b504a4e1d74d58d78513c7811be620_NeikiAnalytics

Files

76b504a4e1d74d58d78513c7811be620_NeikiAnalytics
.dll regsvr32 windows:6 windows x86 arch:x86

a863caca707e9f988899e232c38c225a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\eCamView Master\Dev Branch\eCamView\e-CAMView\Source\Release\CustomIRTransformFilter.pdb

Imports

winmm

timeGetTime
timeSetEvent

kernel32

lstrlenA
GetLastError
GetModuleFileNameA
InterlockedIncrement
FreeLibrary
InterlockedDecrement
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
lstrcmpW
CloseHandle
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
DuplicateHandle
MultiByteToWideChar
GetCurrentThreadId
CreateSemaphoreW
VirtualAlloc
GetVersionExW
DisableThreadLibraryCalls
InterlockedExchange
GetProcAddress
GetModuleHandleW
SetThreadPriority
GetThreadPriority
GetCurrentThread
lstrlenW
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringW
GetCurrentProcess
GetTickCount

user32

DispatchMessageW
MsgWaitForMultipleObjects
GetQueueStatus
PeekMessageW
PostThreadMessageW
RegisterWindowMessageW

advapi32

RegSetValueW
RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyW

ole32

CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize
StringFromGUID2
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
_CxxThrowException
__std_exception_destroy
__std_exception_copy
_purecall
memset
memcpy
__CxxFrameHandler3
__std_terminate

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_at_quick_exit
terminate
_crt_atexit
_initterm
_initterm_e
_initialize_narrow_environment
_seh_filter_dll
_configure_narrow_argv
_register_onexit_function
_initialize_onexit_table
_execute_onexit_table

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a863caca707e9f988899e232c38c225a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

kernel32

user32

advapi32

ole32

oleaut32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 1KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 1KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB