c19d2519fa67a299ee689587efed30c0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c19d2519fa67a299ee689587efed30c0_NeikiAnalytics
Size

338KB
MD5

c19d2519fa67a299ee689587efed30c0
SHA1

df61038372a10a56b36b9aa0b6e2dfd410d87205
SHA256

66451a092bcc647c947f077a5529ad22be85dfbc7733dbbd4b30a5faff8350a8
SHA512

4c08397b4b008a35abd4a62b66a6ae82c2e29ace0c5b2e4c3b243aeeb3a0d86751ff07aa5c7ad30a6c1f5aa5027cbed0000ee383e7cd219e50c0d51ef8293c0c
SSDEEP

6144:Tnc64DCtD752cycYt4Tl9HSw4T2xmEKhDYfJE9kfIy4jNYoZooqwNgk:TcdK75tHYt4rj4TCxDfIyUjodk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c19d2519fa67a299ee689587efed30c0_NeikiAnalytics

Files

c19d2519fa67a299ee689587efed30c0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

c8db18b15f5c8c175c215d1a4ff34beb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
InterlockedExchange
GetLogicalDrives
GetCurrentThread
GetACP
GetProcessVersion
HeapDestroy
GetTimeFormatA
GlobalMemoryStatus
VirtualProtect
GetProcessHeap
HeapQueryInformation
LoadLibraryExA
HeapCreate
WaitForSingleObject
GetStdHandle
GetEnvironmentStringsA
GetTapeStatus
CreateIoCompletionPort
GetModuleHandleA
GetCurrentProcessId

user32

GetWindow
ShowWindow
SetForegroundWindow
GetFocus
DragDetect
GetCursorPos
SetActiveWindow
GetTitleBarInfo
EndPaint
GetParent
GetClassNameA
BeginPaint
FillRect
FrameRect
GetWindowTextLengthA
ReleaseDC
GetDlgItem
DrawTextA
wsprintfA

gdi32

CreateBitmap
CloseFigure
GetClipBox
GetLayout
CreatePalette

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ