8abefc4aca7a17ed08243e02d5e398f0_NeikiAnalytics

General

Target

8abefc4aca7a17ed08243e02d5e398f0_NeikiAnalytics
Size

128KB
MD5

8abefc4aca7a17ed08243e02d5e398f0
SHA1

d8a86610840fb5475ff2d2b9c98851a3762e0a0a
SHA256

fd88cb4b34c37304791f8a302257a0460806225375b478cf201debf9a4640f00
SHA512

e614445b5d3a52906c347ea54f16546c5c615e014069180212383f181e3ab0ae7cea170674dfcb2f99cdb47f46c67b3342ac3f9bbb9271ef3124c22b3c9069a4
SSDEEP

3072:rzbivKCbPsiUtrdW7YRayvr5p+1rOnILn6TNX:rkKCLOtrdWw18WILn6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8abefc4aca7a17ed08243e02d5e398f0_NeikiAnalytics

Files

8abefc4aca7a17ed08243e02d5e398f0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

69d2cc36f62b0313fe368cbc2ea077bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharLowerA
OemToCharBuffA
CharUpperW
CharToOemA
CharUpperA
CharLowerW
CharToOemBuffA
OemToCharA

msvcrt

free
_CxxThrowException
_purecall
strncpy
malloc
strncat
strchr
sprintf
_setmaxstdio
__CxxFrameHandler
??2@YAPAXI@Z
strrchr
fflush
fgetc
fgets
fopen
fputc
fputs
fread
clearerr
ftell
fwrite
realloc
fclose
rewind
setvbuf
_stat
remove
ungetc
_vsnprintf
tolower
mblen
__mb_cur_max
_errno
memmove
strpbrk
isdigit
atoi
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
??3@YAXPAX@Z
rename
fseek
_utime
_fileno
_chmod
_access
_chsize

kernel32

MultiByteToWideChar
DisableThreadLibraryCalls
GetVersionExA
CompareStringA
GetCPInfo
IsDBCSLeadByte
GetTempPathA
WideCharToMultiByte

Exports

Exports

?DecDeleteEngine@@YAJPAVIDecEngine@@@Z
?DecDeleteRAREngine@@YAJPAVIDecEngine@@@Z
?DecNewEngine@@YAJPAPAVIDecEngine@@@Z
?DecNewRAREngine@@YAJPAPAVIDecEngine@@@Z

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69d2cc36f62b0313fe368cbc2ea077bf

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 8KB - Virtual size: 5KB