7f8b7bb02fd60e04c5330786433a3a20_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

7f8b7bb02fd60e04c5330786433a3a20_NeikiAnalytics
Size

66KB
MD5

7f8b7bb02fd60e04c5330786433a3a20
SHA1

2ba2d0f109a8ca673c3af92249ede27e88a539f1
SHA256

4193812a72c3a64989c8713f922b36b710e1845be7e4b0e16b45d7259bab1010
SHA512

aae17ff2007e4d1c848edb476a22b883906df814660203b83a292547e17ef4cb27e66145f9765e20de249b0df0e84625a95a7e5bc1130d72fc8a36b965447350
SSDEEP

1536:Nit0Nl3HQc8+Vldyc5Rd5AKoD0JWgRF+R5TR:60HHQcBVPTQKoDysz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f8b7bb02fd60e04c5330786433a3a20_NeikiAnalytics

Files

7f8b7bb02fd60e04c5330786433a3a20_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

dd5ae63f945960286b528abe8b23f80a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

rtl240.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@RegisterModule$qqrp17System@TLibModule
@System@@Halt0$qqrv
@System@@StartExe$qqrp23System@PackageInfoTablep17System@TLibModule
@System@@DoneExcept$qqrv
@System@@HandleAnyException$qqrv

kernel32

GetProcAddress
RaiseException
LoadLibraryA
GetLastError
LocalFree
LocalAlloc
GetModuleHandleW
FreeLibrary

stglib240

CBGrepShow

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd5ae63f945960286b528abe8b23f80a

Headers

File Characteristics

Imports

rtl240.bpl

kernel32

stglib240

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.itext Size: 512B - Virtual size: 44B

.data Size: 512B - Virtual size: 120B

.bss Size: - Virtual size: 24B

.idata Size: 1024B - Virtual size: 678B

.edata Size: 512B - Virtual size: 111B

.rdata Size: 512B - Virtual size: 69B

.reloc Size: 512B - Virtual size: 172B

.rsrc Size: 58KB - Virtual size: 58KB

.text
Size: 3KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 44B

.data
Size: 512B - Virtual size: 120B

.bss
Size: - Virtual size: 24B

.idata
Size: 1024B - Virtual size: 678B

.edata
Size: 512B - Virtual size: 111B

.rdata
Size: 512B - Virtual size: 69B

.reloc
Size: 512B - Virtual size: 172B

.rsrc
Size: 58KB - Virtual size: 58KB