a5843b494459c6b529fa8dddb632ccb0_NeikiAnalytics

General

Target

a5843b494459c6b529fa8dddb632ccb0_NeikiAnalytics
Size

844KB
MD5

a5843b494459c6b529fa8dddb632ccb0
SHA1

4f91292e7ae2323a10cd5a707e0cb1769fd94beb
SHA256

ce16ee925ee9657edc3fe646b46e37b87c5bea69d9cc666d9a086c9b7bde4454
SHA512

9659cbf55499efd859ebcdd9202058f894ebc04cd802a9c6d0b1485f1387043ab2298145b12bdd9ec3be1c3d1faa427f29995ca217bfeb20bc39452108bcb92c
SSDEEP

12288:sb3b7mLWu06UEPVZ5z39jjyao7ugsofQQJ87g8jD/:sznm7UE9IaouooQRUD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5843b494459c6b529fa8dddb632ccb0_NeikiAnalytics

Files

a5843b494459c6b529fa8dddb632ccb0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

aafd7c213271085af112691e864dec5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

t:\ACE\x86\ship\1033.pre\acewstr.pdb

Imports

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
_wassert
_stricmp
memcpy
memset
wcsrchr
memmove
malloc
free

kernel32

LocalAlloc
GetSystemDefaultLCID
LoadLibraryA
GetSystemDirectoryW
LoadLibraryExW
LoadLibraryW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
LockResource
LoadResource
FindResourceA
FreeLibrary
GetProcAddress
GlobalAlloc
GetUserDefaultLCID
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
VirtualProtect
QueryPerformanceCounter
GetTickCount

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

StringFromGUID2

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 536KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aafd7c213271085af112691e864dec5f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr80

kernel32

advapi32

ole32

Sections

.text Size: 88KB - Virtual size: 86KB

.data Size: 536KB - Virtual size: 536KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 212KB - Virtual size: 212KB

.text
Size: 88KB - Virtual size: 86KB

.data
Size: 536KB - Virtual size: 536KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 212KB - Virtual size: 212KB