92d26c36207f859f5e3a65b379ab5490_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

92d26c36207f859f5e3a65b379ab5490_NeikiAnalytics
Size

241KB
MD5

92d26c36207f859f5e3a65b379ab5490
SHA1

1dd9f8d205dfa68995c38fff82abe7a9e552bf89
SHA256

3cecb5dfa7e0af0ee02fbf933630411801a313f036d7d586b922975e5d49e634
SHA512

767bfb32d7236d4f5ed30b7a53fca2e93809a07e8eb92b8947acb5c1ffa9f4f236c91333727e7a3cf7c938aad7a092b6a0877f6126206883fcfb733614fcb10a
SSDEEP

6144:FfA7keHSnzBrhBmdpiv7E6kgiYJOuhK/v:ZeytrhgdRpgvY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92d26c36207f859f5e3a65b379ab5490_NeikiAnalytics

Files

92d26c36207f859f5e3a65b379ab5490_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

f539c1377440be0d0d1ac8935a3b3669

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

cudart64_65

__cudaRegisterFunction
__cudaRegisterVar
__cudaUnregisterFatBinary
__cudaRegisterFatBinary
cudaMemcpyToSymbol
cudaLaunch
cudaSetupArgument
cudaConfigureCall

msvcr110

_lock
_unlock
_calloc_crt
__dllonexit
__C_specific_handler
_onexit
__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_initterm_e
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCapturePreviousContext
__clean_type_info_names_internal

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer

Exports

Exports

B
I
Info
M
Verify

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv_fatb
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f539c1377440be0d0d1ac8935a3b3669

Headers

DLL Characteristics

File Characteristics

Imports

cudart64_65

msvcr110

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 17KB

.pdata Size: 512B - Virtual size: 324B

.nv_fatb Size: 231KB - Virtual size: 231KB

.nvFatBi Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 156B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 17KB

.pdata
Size: 512B - Virtual size: 324B

.nv_fatb
Size: 231KB - Virtual size: 231KB

.nvFatBi
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 156B