2deeef15e0bfd0596c098b73230ca1f0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

2deeef15e0bfd0596c098b73230ca1f0_NeikiAnalytics
Size

7.0MB
MD5

2deeef15e0bfd0596c098b73230ca1f0
SHA1

d747700c714332878e3da53f37318b08133108dc
SHA256

43dbc85fecffbb41f547a81bf8353474c2fb7c71350bf1de404df1ef6ac1bfa0
SHA512

0fa34a0fed9106e3b4d0f160388799deea6d4804d39efdbd4340d6281c740b739b108e938c934aaa5316c1583a088f9fd55d56b1727827a4e4e5691fce8d513d
SSDEEP

98304:Uw8NYKgIatgdfTBqjx1rMmEsw9CBgkjDJdM1zzGV0vSIqc3T:D4TnIjgKwUB1d6Xk0vSBm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2deeef15e0bfd0596c098b73230ca1f0_NeikiAnalytics

Files

2deeef15e0bfd0596c098b73230ca1f0_NeikiAnalytics
.dll windows:5 windows x86 arch:x86

22d1d7f87df6989fe1723087a65f300f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Documents and Settings\Administrator\Desktop\shlexc\out\release\xyxptsvteo.pdb

Imports

kernel32

WaitForSingleObject
GetCurrentThread
GetProcessHeap
GetCommandLineA
OpenProcess
GetModuleFileNameW
GetStdHandle
GetLastError
lstrcmpiA
VirtualAlloc
LoadLibraryA
OpenMutexA
GetConsoleScreenBufferInfo
GetThreadPriority
GetModuleHandleA
ReadConsoleA
VirtualProtect
lstrcmpA
GetVersionExA
CopyFileExA
CreateThread
CompareStringW
IsProcessorFeaturePresent
WriteConsoleW
HeapSize
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
LoadLibraryW
HeapAlloc
lstrcpynA
CreateMutexA
VirtualQuery
FillConsoleOutputCharacterA
GetCurrentThreadId
GetComputerNameA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileExW
WideCharToMultiByte
MultiByteToWideChar
ReadFile
GetSystemTimeAsFileTime
SetFilePointer
CloseHandle
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileType
CreateFileA
CreateFileW
EncodePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
ExitProcess
WriteFile
HeapCreate
HeapDestroy
GetFullPathNameW
GetFileInformationByHandle
PeekNamedPipe
HeapFree
GetCurrentDirectoryW
SetEnvironmentVariableA
SetEnvironmentVariableW
Sleep
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetHandleCount
GetStartupInfoW
SetStdHandle
RaiseException
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
SetEndOfFile
LCMapStringW
GetStringTypeW
FlushFileBuffers

user32

DrawCaption
LoadIconW
GetDesktopWindow
GetCursorPos
PostMessageA
GetSystemMetrics
LoadCursorA
DestroyIcon
SetRect

gdi32

CreateDCA
CreateRectRgn
SetTextColor

shlwapi

PathFindFileNameA
PathCombineA
PathRemoveFileSpecW

comctl32

ImageList_ReplaceIcon
ImageList_Create

Exports

Exports

YklxyzLMNOabcSTG
ilsvztovgctursuw
kvforvjvgwuq
obgyutgxz
ooocdsvzfxl
yfslbsffcfpb
ypagnacmlidrorpk

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22d1d7f87df6989fe1723087a65f300f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 5KB - Virtual size: 13KB

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 6.9MB - Virtual size: 6.9MB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 5KB - Virtual size: 13KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 6.9MB - Virtual size: 6.9MB