102c0a341eb324f52a4a480c8978da80_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

102c0a341eb324f52a4a480c8978da80_NeikiAnalytics
Size

28KB
MD5

102c0a341eb324f52a4a480c8978da80
SHA1

6cc7765ae891cdee5431d679c510837db917fd82
SHA256

e8b33433767364ac61e4acbe3e5af5d4e7e320254ab5d79445b90aba28dc74f3
SHA512

bc53428c31f75564fe72d189badad1ca95134a436eea046fcb3b3230bca929b5c3877aef8941acfbaff6ebea07f235b4f652371ea8af159f2d6799659b317479
SSDEEP

768:jMORR/8SSuNEE36ioJIWIl+tLMcjV4+kkoVV:jMORRlSSEEfJl8xmjf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
102c0a341eb324f52a4a480c8978da80_NeikiAnalytics

Files

102c0a341eb324f52a4a480c8978da80_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

8da8b9d66973e091b4920644180ea955

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
CloseHandle
LocalFree
LocalAlloc
GetProcAddress
GetModuleHandleW
QueryPerformanceCounter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent

mfc140u

ord2399
ord1511
ord265
ord1045
ord296
ord1513
ord3849
ord1514
ord325
ord1053
ord2365
ord2246
ord324
ord1052
ord2408
ord2411
ord2376
ord2410
ord485
ord2268
ord2374
ord2184
ord2300

vcruntime140

_except_handler4_common
memset
__CxxFrameHandler3
__std_type_info_destroy_list

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_configure_narrow_argv
_execute_onexit_table
_crt_atexit
_initterm_e
_initterm
_cexit
_seh_filter_dll
_initialize_narrow_environment

Exports

Exports

FetalSimInitialize
FetalSimShutdown
FetalSimUpdate
FetalSimUpdateApplication
FetalSimUpdateRequestSent

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8da8b9d66973e091b4920644180ea955

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mfc140u

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB