a1b215c44dc16e8cb99f7e541fe48050_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

a1b215c44dc16e8cb99f7e541fe48050_NeikiAnalytics
Size

701KB
MD5

a1b215c44dc16e8cb99f7e541fe48050
SHA1

36ed3e857d8257ab4bb410f7e7288fe6afe0292c
SHA256

b00155863f27945c5b5456f27ea286e9652a8da603d117d43bebb69ad5a25e23
SHA512

24ecc3a71ca25c90e3af334be2ff118bd35beb0a2948f0e702905b8a4c7996f5f470903fc67f107645df6848b3ef9aeb54a4d38058e8de5701d8760aed781e0b
SSDEEP

12288:jGsDvPYxC7wNl1F5ejj8Tq34s66AQGPjVBZzs9Tq7fuPWgLTWdo5R9ljx35RV:jG4BMPPT+r6rQGP5BOFq7WPWgLScZt39

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1b215c44dc16e8cb99f7e541fe48050_NeikiAnalytics

Files

a1b215c44dc16e8cb99f7e541fe48050_NeikiAnalytics
.exe windows:10 windows x64 arch:x64

aa30d00fd395b4be9ee8cfcfe3df8674

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

vstorcontrol.pdb

Imports

kernel32

CreateDirectoryW
GetFullPathNameW
GetModuleFileNameW
SetErrorMode
SetEndOfFile
CreateFileW
GetFileAttributesW
GetVolumeNameForVolumeMountPointW
Sleep
FormatMessageW
GetLastError
CloseHandle
HeapSetInformation
SetVolumeMountPointW
SetFilePointerEx
LocalFree
GetVolumePathNamesForVolumeNameW
DeleteVolumeMountPointW
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FindNextVolumeW
CopyFileW
FindVolumeClose
DeviceIoControl
lstrlenW
SetLastError
FindFirstVolumeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
InitializeCriticalSectionEx
DecodePointer
EncodePointer

msvcrt

___lc_handle_func
___lc_codepage_func
calloc
___mb_cur_max_func
_ismbblead
abort
_wcsdup
__crtLCMapStringW
_wsetlocale
ungetwc
_XcptFilter
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
__setusermatherr
_initterm
__C_specific_handler
_fmode
_commode
__dllonexit
_onexit
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__pctype_func
__mb_cur_max
memset
fputwc
fgetwc
ungetc
setvbuf
fwrite
memcpy_s
_fseeki64
fsetpos
fgetpos
fgetc
fflush
fclose
__iob_func
??0exception@@QEAA@AEBQEBDH@Z
__uncaught_exception
memmove
memcpy
_CxxThrowException
setlocale
_unlock
_lock
_callnewh
malloc
_errno
sprintf_s
towupper
free
localeconv
_wtoi64
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_purecall
??3@YAXPEAX@Z
strcspn
_wtoi
toupper
_itow
_wfopen
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
??_V@YAXPEAX@Z
__CxxFrameHandler3

shlwapi

PathIsRelativeW

ole32

StringFromGUID2
CLSIDFromString
CoCreateGuid

newdev

UpdateDriverForPlugAndPlayDevicesW

user32

MessageBoxW

rpcrt4

RpcStringFreeW
UuidToStringW

setupapi

SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetINFClassW

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa30d00fd395b4be9ee8cfcfe3df8674

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

shlwapi

ole32

newdev

user32

rpcrt4

setupapi

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 1KB - Virtual size: 4KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 1KB - Virtual size: 4KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 568KB - Virtual size: 572KB