307583dd7e583352c3bbf9da7ea54710_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

307583dd7e583352c3bbf9da7ea54710_NeikiAnalytics
Size

392KB
MD5

307583dd7e583352c3bbf9da7ea54710
SHA1

4d6eeb57a4f0ec4e250751aa09d2a88a134ca8a8
SHA256

e8a8d9dc4742d198ae822d6ff5f5a55b2c396309740b0e12bee93c0d1ffcec24
SHA512

4c1c56b7a153a51e952a5917942e038a110ae1d773e3b7aadcddde62dd135f17563c467087b3a8c252e7a68cc7f80ec638e9b70a1cf5ab2051cfec6c645060d7
SSDEEP

6144:nUWmw2b3L5Y0qw8F3UKY7cd2ScGYHh+r51ZgbTkJ/4:08OGyh+nm4/4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
307583dd7e583352c3bbf9da7ea54710_NeikiAnalytics

Files

307583dd7e583352c3bbf9da7ea54710_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

63e65cd2ab53b02771be1ebd86b30763

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cblrtss

CBL_ALLOC_MEM
CBL_FREE_MEM
_mFiD7F6
_mFiD7BA
_mFiD791
ord1015
ord1245
CBL_FN_INTEGER
ord1250
_mFiD7A1
_mFiD7CC
_mFiD7B9
_mFiD7B5
ord1006
_mFiD7AA
_mFgF802
_mFiD7CB
_mFgF803
_mFiD7E6
_mFiD7E4
CBL_READ_SCR_CHATTRS
_mFgCE
EXTFH
_mFgF813
_mFgF811
_mFiD78D
_mFiD7E3
CBL_INIT_MOUSE
CBL_GET_MOUSE_POSITION
CBL_TERM_MOUSE
CBL_SET_MOUSE_MASK
CBL_GET_MOUSE_MASK
CBL_SET_MOUSE_POSITION
_COYIELD
PC_READ_KBD_SCAN
_mFiD7B4
CBL_READ_MOUSE_EVENT
_mFiD781
_mFiD783
CBL_GET_MOUSE_STATUS
_mFgproglink
_mFgprogunlock
mF_eloc
CBL_EXIT_PROC
CBL_GET_OS_INFO
CBL_DELETE_FILE
CBL_GET_CURRENT_DIR
_mFgF805
ord1021
ord1155
cobgetenv
CBL_TOUPPER
ord1246
ord1156
ord1244
CBL_CANCEL
CBL_GET_PROGRAM_INFO
CBL_FILENAME_CONVERT
CBL_MBCS_CHAR_LEN
CBL_SPLIT_FILENAME
CBL_JOIN_FILENAME
CBL_GET_FILE_INFO
CBL_NLS_GET_MSG
ord1012
CBL_CTF_TRACER_GET
_mFiD7D9
_mFgAE
CBL_CTF_TRACER_NOTIFY
CBL_CTF_COMP_PROPERTY_GET
ord1266
ord1001
CBL_CTF_TRACE
_mFgF801
CBL_OPEN_FILE
CBL_CLOSE_FILE
CBL_FLUSH_FILE
CBL_CHECK_FILE_EXIST
CBL_CREATE_FILE
CBL_WRITE_FILE
CBL_READ_FILE
ord1471
ord1370
CBL_RENAME_FILE
ord1701
CBL_CMPNLS
ord1379
ord1461
ord1294
ord1333
_mFgF800
ord1475
_mFgF806
ord1448
ord1389
cob_COYIELD
CBL_FN_CURRENT0DATE
ord1574
ord1573
ord1267
ord1579
ord1578
mF_tmpfilename
ord1463
_mFgproglock
_mFerr
CBL_COPY_FILE
CBL_LCKFILE
CBL_UNLFILE
CBL_UNLOCK
CBL_SET_SEMAPHORE
CBL_FREE_SEMAPHORE
CBL_TEST_LOCK
CBL_GET_LOCK
CBL_FREE_LOCK
CBL_OPEN_VFILE
CBL_CLOSE_VFILE
CBL_READ_VFILE
CBL_WRITE_VFILE
CBL_FN_UPPER0CASE
ord1307
ord1190
ord1206
ord1186
CBL_LOCATE_FILE
_mFginitdat_dll
ord969
ord733
ord968
ord2038
ord2006
CBL_CLASSIFY_DBCS_CHAR
_mFiD7B7
_mFiD789
CBL_SHOW_MOUSE
CBL_HIDE_MOUSE
_mFiD7E5
_mFiD782
ord1016
_mFiD7B0
_mFiD7B3
_mFiD78F
_mFiD7A7
_mFgprogchain
_mFgtypecheck
CBL_CTF_TRACER_LEVEL_GET
_mFgprogcheckexit
_mFgmain2
_mFgWinMain2
_mFfindp
ord1275
_mFgprogunchain

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit

kernel32

GetCommandLineA
GetModuleHandleA

Exports

Exports

_mFdllinfo

Sections

.text
Size: 376KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63e65cd2ab53b02771be1ebd86b30763

Headers

File Characteristics

Imports

cblrtss

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 376KB - Virtual size: 373KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 105KB

.text
Size: 376KB - Virtual size: 373KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 105KB