8d5bed5285ce0fccd9e89b1813596a40_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

8d5bed5285ce0fccd9e89b1813596a40_NeikiAnalytics
Size

2.6MB
MD5

8d5bed5285ce0fccd9e89b1813596a40
SHA1

df3f8d757003ebb94a4b3fee5fdbda67f768505b
SHA256

0e4fcf6bd874ec2fc68423baa3e2b67255273d1936298bc82c48b6ebf215a7a2
SHA512

d7bbf54cb6f5000629644c3564b40a11fb2563e67bbddf9c16ca9d23966de09468d22fc9a6bf1e149c93cbdd56b1946b218fd28167be054b2bffe5302a7e734d
SSDEEP

49152:6obgKOOg7aJchD9npekh3TyuzAlzN19h1LnI+zpNb3ikbdrIgrSU/voccghmt8:6obgKOOfc1ZN3Typ197E+zpNTi0VGev3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d5bed5285ce0fccd9e89b1813596a40_NeikiAnalytics

Files

8d5bed5285ce0fccd9e89b1813596a40_NeikiAnalytics
.dll windows:5 windows x86 arch:x86

84394f3969dcce16551d6e44e2e034dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

NdrConformantStringBufferSize
UuidToStringA

user32

CallNextHookEx
DispatchMessageA
UpdateWindow
CreateWindowExA
GetMessageTime
UnhookWindowsHookEx
SetLastErrorEx
GetGUIThreadInfo
AllowSetForegroundWindow

oleaut32

GetErrorInfo
SysAllocStringLen

netapi32

NetServerGetInfo

shell32

CommandLineToArgvW
SHFormatDrive
SHGetUnreadMailCountW

psapi

GetModuleFileNameExW
GetModuleBaseNameW

shlwapi

StrRStrIA

ws2_32

WSAGetLastError

crypt32

CertFindAttribute

winspool.drv

ScheduleJob

kernel32

LoadLibraryA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
IsDBCSLeadByte
GetSystemTimeAsFileTime
GetLongPathNameW
GetVersionExA
IsProcessorFeaturePresent
InterlockedPushEntrySList
QueryPerformanceCounter
GetProcessHeap
GetModuleHandleA
GetProcAddress
LoadLibraryExA
GetThreadPriority
TerminateThread
GetSystemDefaultLCID
GetModuleHandleW
GetModuleFileNameW
GetBinaryTypeW
RtlUnwind
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
Sleep
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
SetUnhandledExceptionFilter
GetLastError
HeapFree
VirtualFree
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

advapi32

RegCloseKey

wintrust

WintrustGetRegPolicyFlags

winmm

waveInReset
midiStreamClose

gdi32

ArcTo
CreatePatternBrush

ole32

HBITMAP_UserSize
OleCreateFromData
CoWaitForMultipleHandles

Exports

Exports

HsIhtiiiaefel

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PACK
Size: 780KB - Virtual size: 779KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

q
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84394f3969dcce16551d6e44e2e034dd

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

user32

oleaut32

netapi32

shell32

psapi

shlwapi

ws2_32

crypt32

winspool.drv

kernel32

advapi32

wintrust

winmm

gdi32

ole32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 164KB - Virtual size: 169KB

PACK Size: 780KB - Virtual size: 779KB

q Size: 1.4MB - Virtual size: 1.4MB

CRT Size: 216KB - Virtual size: 215KB

.rsrc Size: 40KB - Virtual size: 38KB

.reloc Size: 68KB - Virtual size: 64KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 164KB - Virtual size: 169KB

PACK
Size: 780KB - Virtual size: 779KB

q
Size: 1.4MB - Virtual size: 1.4MB

CRT
Size: 216KB - Virtual size: 215KB

.rsrc
Size: 40KB - Virtual size: 38KB

.reloc
Size: 68KB - Virtual size: 64KB