9a69c56e7dd63e06938ef1538ad973c0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

9a69c56e7dd63e06938ef1538ad973c0_NeikiAnalytics
Size

34KB
MD5

9a69c56e7dd63e06938ef1538ad973c0
SHA1

424bf38198d39ba8aa64ef2dcb04eeb83215fceb
SHA256

192774838c12bb87c147eda28e33131f358804a28c7c99588c0c54d25ff466f5
SHA512

5a4d88e9198de206dd7a7154e33d96a5be295a73d3ce0916d18fd13c744524666074008569af02eea59b8a94d3dbd5f056cbe3129a6f2fd3b304ce2e94517525
SSDEEP

768:cpj1lllXdlLSMr7Xx7mWj2Y10YpN4nVnD0:crXUBY10YpynVn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a69c56e7dd63e06938ef1538ad973c0_NeikiAnalytics

Files

9a69c56e7dd63e06938ef1538ad973c0_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

8223dc8522bf83e3c96f7935742f11a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\user\documents\visual studio 2013\Projects\Project19\Debug\Project19.pdb

Imports

msvcr120d

_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_unlock
_commode
__dllonexit
_onexit
_invoke_watson
_controlfp_s
_except_handler4_common
wcscpy_s
_wmakepath_s
_wsplitpath_s
_fmode
__initenv
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
_CrtSetCheckCount
_CrtDbgReportW
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
_CRT_RTC_INITW
sqrt
pow
printf
fprintf
_calloc_dbg
fopen

kernel32

GetModuleFileNameW
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
GetProcAddress
GetLastError
RaiseException
IsDebuggerPresent
EncodePointer
GetModuleHandleW

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8223dc8522bf83e3c96f7935742f11a8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr120d

kernel32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB