a00a10ef1339aee90a5defa0ab16cd10_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

a00a10ef1339aee90a5defa0ab16cd10_NeikiAnalytics
Size

9.9MB
MD5

a00a10ef1339aee90a5defa0ab16cd10
SHA1

7bd721a4c78455ddb6c693320ce5be150b28670c
SHA256

d734f73ab2f118ea7ca6676e2b2758ff60aa94d0c28a9cbe7187543ee0601cc2
SHA512

7e54123b07f0f30947908cf3f6488a92008539693fb13d2ff25d9d82a26e40e565f46ea9bff224f767cf409905511231fa382cdced2ebb166699c6b527a37f8d
SSDEEP

49152:D2zbYWWPESPRIJEKz0bluEc7LMDkaWbHqUqY6QCqnzCL6yehtj8qlcMjSy8LlfJ5:eo/6C8UEyXX7s86ni9AXAJtL8ZDL0Nk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a00a10ef1339aee90a5defa0ab16cd10_NeikiAnalytics

Files

a00a10ef1339aee90a5defa0ab16cd10_NeikiAnalytics
.exe windows:4 windows x64 arch:x64

7b0aea11265f18f3d6126046e1a0dcd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSAGetOverlappedResult

advapi32

CryptAcquireContextW
CryptGenRandom
CryptReleaseContext

ntdll

NtWaitForSingleObject

kernel32

VirtualAlloc
VirtualFree
CreateIoCompletionPort
GetQueuedCompletionStatus
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateThread
CreateWaitableTimerA
DuplicateHandle
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetProcAddress
GetStdHandle
GetSystemInfo
GetThreadContext
LoadLibraryW
LoadLibraryA
ResumeThread
SetConsoleCtrlHandler
SetEvent
SetProcessPriorityBoost
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
SuspendThread
WaitForSingleObject
WriteFile

winmm

timeBeginPeriod

Sections

.text
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 253B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/18
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/30
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/43
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/71
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 512B - Virtual size: 48B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 509KB - Virtual size: 509KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b0aea11265f18f3d6126046e1a0dcd1

Headers

File Characteristics

Imports

ws2_32

advapi32

ntdll

kernel32

winmm

Sections

.text Size: 6.9MB - Virtual size: 6.9MB

.data Size: 130KB - Virtual size: 263KB

/4 Size: 512B - Virtual size: 253B

/18 Size: 269KB - Virtual size: 269KB

/30 Size: 309KB - Virtual size: 309KB

/43 Size: 1.3MB - Virtual size: 1.3MB

/55 Size: 360KB - Virtual size: 360KB

/71 Size: 163KB - Virtual size: 163KB

/87 Size: 512B - Virtual size: 48B

.idata Size: 1KB - Virtual size: 1KB

.symtab Size: 509KB - Virtual size: 509KB

.text
Size: 6.9MB - Virtual size: 6.9MB

.data
Size: 130KB - Virtual size: 263KB

/4
Size: 512B - Virtual size: 253B

/18
Size: 269KB - Virtual size: 269KB

/30
Size: 309KB - Virtual size: 309KB

/43
Size: 1.3MB - Virtual size: 1.3MB

/55
Size: 360KB - Virtual size: 360KB

/71
Size: 163KB - Virtual size: 163KB

/87
Size: 512B - Virtual size: 48B

.idata
Size: 1KB - Virtual size: 1KB

.symtab
Size: 509KB - Virtual size: 509KB