2bfbc8bafa9d2b8a5108c6a58c0b28f0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

2bfbc8bafa9d2b8a5108c6a58c0b28f0_NeikiAnalytics
Size

128KB
MD5

2bfbc8bafa9d2b8a5108c6a58c0b28f0
SHA1

698f8a450921eb7e4e4516a0e590614882fca319
SHA256

9017124249263a19d2e1bd7e9ddfa755f0cdcdc2222cd2a3afd6702aef303959
SHA512

f88daa922c27ba6e4fa2fa134e006dcfda0ce2d959dc6902d607978ca90d5073f45efe4a5e9d1cdbbd11b0eee49fb92c6743c50b006c467ff01caed74624fcec
SSDEEP

3072:CMWSGmj6LQuvm2xTKnKSkE5tRoUVFr2Jb:Z4Qgm2xTOKSzVeb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bfbc8bafa9d2b8a5108c6a58c0b28f0_NeikiAnalytics

Files

2bfbc8bafa9d2b8a5108c6a58c0b28f0_NeikiAnalytics
.dll windows:1 windows x86 arch:x86

03f82279c7d42b20f49d714ed6cdc218

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MultiByteToWideChar
RaiseException
ReadFile
RemoveDirectoryA
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetThreadLocale
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile

user32

CharToOemBuffA
DialogBoxParamA
EndDialog
EnumThreadWindows
MessageBoxA
OemToCharBuffA
SendDlgItemMessageA
SendMessageA
wsprintfA
wvsprintfA

Exports

Exports

GetZipDllVersion
ZipDllExec
___CPPdebugHook

Sections

.text
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03f82279c7d42b20f49d714ed6cdc218

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 98KB - Virtual size: 100KB

.data Size: 18KB - Virtual size: 36KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 98KB - Virtual size: 100KB

.data
Size: 18KB - Virtual size: 36KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB