7f16dcbd02481fc3b2172b3964f378c0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

7f16dcbd02481fc3b2172b3964f378c0_NeikiAnalytics
Size

40KB
MD5

7f16dcbd02481fc3b2172b3964f378c0
SHA1

78bec035851ef0213a82da1d8ddbaaaefdaeadec
SHA256

05cf6478373c76fac32a911973a900d4a62d164de4caec8c63c0b355c1e18de3
SHA512

bfb4ae339af8bd528b6ee4e2737a03983e946ef17c27567518c225d3d4110a30f94e45ce25b541d838116ba8260585e1bdd2100a5536ab0cddf5d366427d2482
SSDEEP

96:I5UNrySKKRqQZHAce1Xh5ywT5JfoCDrcq5xug2JkElLc:I5O2oZE5ywT5JQCDIq5xx2CElg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f16dcbd02481fc3b2172b3964f378c0_NeikiAnalytics

Files

7f16dcbd02481fc3b2172b3964f378c0_NeikiAnalytics
.dll windows:4 windows x64 arch:x64

99c52bb2c52c22fec22b6270c6ed17e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetModuleHandleA
GetProcAddress
GetTickCount
HeapAlloc
HeapReAlloc
RaiseException

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_strdup
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcpy
strcspn
strlen

Exports

Exports

DisableSR
DisableSRInternal
EnableSR
EnableSREx
EnableSRInternal
SRNewSystemId
SRRemoveRestorePoint
SRSetRestorePointA
SRSetRestorePointInternal
SRSetRestorePointW
SetSRStateAfterSetup
SysprepCleanup
SysprepGeneralize

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 320B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99c52bb2c52c22fec22b6270c6ed17e2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ucrtbase

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 64B

.rodata Size: 4KB - Virtual size: 196B

.rdata Size: 4KB - Virtual size: 384B

.pdata Size: 4KB - Virtual size: 192B

.xdata Size: 4KB - Virtual size: 176B

.bss Size: - Virtual size: 320B

.edata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 804B

.reloc Size: 4KB - Virtual size: 16B

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 64B

.rodata
Size: 4KB - Virtual size: 196B

.rdata
Size: 4KB - Virtual size: 384B

.pdata
Size: 4KB - Virtual size: 192B

.xdata
Size: 4KB - Virtual size: 176B

.bss
Size: - Virtual size: 320B

.edata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 804B

.reloc
Size: 4KB - Virtual size: 16B