3ce91db099215e64525123ac8c405010_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

3ce91db099215e64525123ac8c405010_NeikiAnalytics
Size

100KB
MD5

3ce91db099215e64525123ac8c405010
SHA1

8c5d8c2016b4f2db47d1eafbb8d2a5532b76669b
SHA256

f14c25efeb81bc8ed61d36c478c9244002fa4b4ea42609fd2f9e8505f7f94fbd
SHA512

257f87629dcd9ecde8ceb54faa4bdb78a3ae7bf4d856b682007f21ad83ccdbdc8f44e42b1097faecd719dca56614ef9851ab937e29728c13aca5d6446623d1d9
SSDEEP

3072:GYnITrTeQ7xIFt/6gd7QCxW/9kLtgpYkgPl:ETrTeQ7ayIQCxq9xYP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ce91db099215e64525123ac8c405010_NeikiAnalytics

Files

3ce91db099215e64525123ac8c405010_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

f0084c6a23b5fa07a268262202bc2073

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
LockResource
LoadResource
FindResourceA
GlobalLock
LoadLibraryA
GetProcAddress
FreeResource
GlobalUnlock
GlobalHandle
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetSystemDirectoryA
GlobalAlloc
GlobalFree
TerminateProcess
FreeEnvironmentStringsW
MultiByteToWideChar
RaiseException
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
SetUnhandledExceptionFilter
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
FreeLibrary
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
LCMapStringW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
LCMapStringA
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
GetLocaleInfoW

user32

wsprintfA
MessageBoxA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

BandOut
DestroyJob
InitJob
InitPage
ResetJob
TerminatePage
TerminatePageEx

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0084c6a23b5fa07a268262202bc2073

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 14KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 14KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 6KB - Virtual size: 5KB