5388fb761dc5de9bb2e5a3db2c5ed9a0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5388fb761dc5de9bb2e5a3db2c5ed9a0_NeikiAnalytics
Size

354KB
MD5

5388fb761dc5de9bb2e5a3db2c5ed9a0
SHA1

d02f994d31f18236b3d4e298e329ac945da21f2a
SHA256

21c6916885e4e66e704544bea719b80b736669bb4a5559e6aa7d2935568f5d76
SHA512

bd6dbc4a3c0d6072c37830f41b2b592faafaf034b1c28a9b38bff28bbe294218c5acdbb3a11cf94a59741ad3afdcb7fc01fe3d3d0a44c3518dfb341f3aac39d6
SSDEEP

6144:0Fmz/9NOEHyJ86RCf6KJUCs7eQo3n7O5W6IIIIPsNScbZvTBlOkD:0Fm/SSUK6qUCs7uK5WHPZvTX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5388fb761dc5de9bb2e5a3db2c5ed9a0_NeikiAnalytics

Files

5388fb761dc5de9bb2e5a3db2c5ed9a0_NeikiAnalytics
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ