92c5dd6e93a6b6901ccdbb82c1d21aa0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

92c5dd6e93a6b6901ccdbb82c1d21aa0_NeikiAnalytics
Size

91KB
MD5

92c5dd6e93a6b6901ccdbb82c1d21aa0
SHA1

3eb8851087e2741ce22931bb0bc34cd8d471b4ee
SHA256

176496d4df74229da41caa434bcb780bf1d9fd22cae540ec2d89c24bcce591e1
SHA512

8b174f4b2075ab082139e0cacd2f3a89486df8d82b2d461efb2f572e21e0daf0b7cf6a5976d1a099fe601cb9e495d721faa0159a976c094a3aab6b8563e15973
SSDEEP

1536:kPTGOlhS8xcw5dxBm8t41lJUEhiFU/+DbVBaS04iLhuoKaiKy6MlYwogB9XbzwhH:6lh8w5dxBm8t41lcSmPqrE9EB2dE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92c5dd6e93a6b6901ccdbb82c1d21aa0_NeikiAnalytics

Files

92c5dd6e93a6b6901ccdbb82c1d21aa0_NeikiAnalytics
.exe windows:6 windows x64 arch:x64

fbfb57abaf909cd195c9adfe8bfc416a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

llama

ggml_print_backtrace

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentProcess
GetModuleHandleW

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__current_exception
__current_exception_context
__C_specific_handler
__std_exception_copy
memset
__std_exception_destroy
_CxxThrowException
memmove
memcmp
memcpy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
terminate
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
_wassert
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
exit
abort

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
_set_fmode
fflush
__p__commode
__stdio_common_vfprintf
fputs

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
_callnewh
malloc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbfb57abaf909cd195c9adfe8bfc416a

Headers

DLL Characteristics

File Characteristics

Imports

llama

kernel32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 120B

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 120B