261a2e0fa6cef36b77708c5f4157e0a0_NeikiAnalytics | Triage

Sharing

General

Target

261a2e0fa6cef36b77708c5f4157e0a0_NeikiAnalytics
Size

24KB
MD5

261a2e0fa6cef36b77708c5f4157e0a0
SHA1

be746aff26441e8768b5c8a898d428a25799dc82
SHA256

d017c7023c592c3460db3d307a2c696fd47874dbdf864e67f07fe19331a96526
SHA512

12ba2521c129a2ea3fbb4729368f9fd7e3abb75207b997e78dc89601dc6e4315240a68b683c6c0dead7abd62f7518c478bc6263a32430805cac3c845fe1a77be
SSDEEP

192:cfeAfWm8Z8TQya/H4DFLH4lrUdalz1ToXc:QuFJ/H4BsloalzP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261a2e0fa6cef36b77708c5f4157e0a0_NeikiAnalytics

Files

261a2e0fa6cef36b77708c5f4157e0a0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

054b9ef11c20291fdd1cf59ba9cd2238

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
TerminateProcess
OutputDebugStringA
FindClose
FindNextFileA
FindFirstFileA
Sleep
DisableThreadLibraryCalls
CreateProcessA
GetLastError

user32

GetWindowThreadProcessId
GetClassNameA
GetParent
CloseDesktop
SendMessageA
EnumDesktopWindows
PostMessageA
CreateDesktopA
OpenDesktopA
SetForegroundWindow
EnumChildWindows

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ws2_32

WSAStartup
connect
setsockopt
socket
htons
recv
closesocket
shutdown
inet_addr
gethostbyname
WSACleanup
send

msvcrt

_adjust_fdiv
_initterm
time
srand
atoi
strchr
rand
strcmp
strcat
strcpy
_strcmpi
realloc
sprintf
malloc
strstr
free
strlen
memset
memcpy

Exports

Exports

GetDLlVersion
Run
Sunbelt

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ