cad85e5ae86f08b7ab1bed69cc8ed840_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

cad85e5ae86f08b7ab1bed69cc8ed840_NeikiAnalytics
Size

54KB
MD5

cad85e5ae86f08b7ab1bed69cc8ed840
SHA1

01c4c5129c5493066d413dac4397684408daff1d
SHA256

2958700d56830c4d014dbc357897c1e69448c04a16feee300b69b81663cee673
SHA512

3f67ba0f6c74352456a25a0d280fb27240273fc58e58ed97fe2dfbd9c0103e0f4a8d8b8a4a20aebebac0f4db4027a0c699f915ef64ec24cff61968cf23f968b8
SSDEEP

768:GqLQ0pZ3TKJ04KfYBq+89liXVPgdKfKWwSamvOVP8KgzliTLycEh6Y:GqppEJwfQ+QnaWOVPZ+h/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cad85e5ae86f08b7ab1bed69cc8ed840_NeikiAnalytics

Files

cad85e5ae86f08b7ab1bed69cc8ed840_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

b249604225225b652098bfc0f480ef74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libgio-2.0-0

g_bus_get_sync
g_bus_unwatch_name
g_bus_watch_name_on_connection
g_dbus_connection_call_sync
g_dbus_connection_emit_signal
g_dbus_connection_flush_sync
g_dbus_connection_get_unique_name
g_dbus_connection_new_for_address_sync
g_dbus_connection_signal_subscribe
g_dbus_connection_signal_unsubscribe
g_dbus_error_quark
g_dbus_interface_info_lookup_method
g_dbus_is_interface_name
g_dbus_is_member_name
g_dbus_is_name
g_dbus_is_unique_name
g_dbus_node_info_lookup_interface
g_dbus_node_info_new_for_xml
g_dbus_node_info_unref
g_io_error_quark

libglib-2.0-0

_glib_get_locale_dir
g_ascii_table
g_assertion_message_expr
g_error_free
g_error_matches
g_free
g_hash_table_add
g_hash_table_get_keys
g_hash_table_insert
g_hash_table_lookup
g_hash_table_new_full
g_hash_table_unref
g_list_free
g_list_sort
g_main_context_iteration
g_main_loop_new
g_main_loop_run
g_main_loop_unref
g_option_context_add_group
g_option_context_add_main_entries
g_option_context_free
g_option_context_get_help
g_option_context_new
g_option_context_parse
g_option_context_set_description
g_option_context_set_help_enabled
g_option_context_set_ignore_unknown_options
g_option_context_set_summary
g_option_group_add_entries
g_option_group_new
g_option_group_set_translation_domain
g_path_get_basename
g_print
g_printerr
g_ptr_array_add
g_ptr_array_new_with_free_func
g_ptr_array_unref
g_set_error
g_shell_parse_argv
g_source_remove
g_str_equal
g_str_has_prefix
g_str_hash
g_strcmp0
g_strdup
g_strdup_printf
g_string_append
g_string_append_len
g_string_free
g_string_insert_c
g_string_new
g_strndup
g_timeout_add
g_variant_builder_add_value
g_variant_builder_clear
g_variant_builder_end
g_variant_builder_init
g_variant_get
g_variant_is_object_path
g_variant_is_of_type
g_variant_iter_free
g_variant_iter_loop
g_variant_iter_next_value
g_variant_new
g_variant_parse
g_variant_parse_error_print_context
g_variant_print
g_variant_ref
g_variant_ref_sink
g_variant_type_checked_
g_variant_type_dup_string
g_variant_type_free
g_variant_type_get_string_length
g_variant_type_new
g_variant_type_peek_string
g_variant_unref

libgobject-2.0-0

g_object_unref

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_setlocale
libintl_textdomain

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_initterm
_iob
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
strrchr
strtol
vfprintf

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b249604225225b652098bfc0f480ef74

Headers

File Characteristics

Imports

libgio-2.0-0

libglib-2.0-0

libgobject-2.0-0

libintl-8

kernel32

msvcrt

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 52B

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

/4 Size: 512B - Virtual size: 20B

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 52B

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

/4
Size: 512B - Virtual size: 20B