06a31b9d886ab00986c9d3986a493740_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

06a31b9d886ab00986c9d3986a493740_NeikiAnalytics
Size

37KB
MD5

06a31b9d886ab00986c9d3986a493740
SHA1

8801e97945ba17eaeafccebfc80c7111515d8edf
SHA256

43709d6a82070745b10ec0efa762683c7e2d2d31a38efec09291e4b42e2156cd
SHA512

ba501fc22d709fc399d17f8309e560f55b8db982d7bb35e258901748071238cff932165fdd84ce4c6b5e95495b65902e70663ca31ec63ea6d043ac7258a08591
SSDEEP

96:gSHo5vb+s/z/Uus7D4IefxZUkhUo326TcDcAI+PS8TEPSUwlT:gzP/z/wf4LHB26oAAIpSbd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06a31b9d886ab00986c9d3986a493740_NeikiAnalytics

Files

06a31b9d886ab00986c9d3986a493740_NeikiAnalytics
.dll windows:5 windows x86 arch:x86

bfeb52e84fc4da8112232143e9147721

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

url.pdb

Imports

msvcrt

malloc
_adjust_fdiv
_initterm
free
memmove

kernel32

TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
DelayLoadFailureHook
GetSystemTimeAsFileTime
GetCurrentProcessId
FreeLibrary
GetProcAddress
LoadLibraryA
GetProfileStringA
lstrlenA
SetLastError
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId

user32

CharNextA
CharPrevA

shlwapi

StrCmpNIA
StrChrA
PathCreateFromUrlA
ord1

shell32

ord102
ShellExecuteA

shdocvw

URLQualifyW
URLQualifyA

Exports

Exports

AddMIMEFileTypesPS
AutodialHookCallback
DllCanUnloadNow
DllGetClassObject
FileProtocolHandler
FileProtocolHandlerA
InetIsOffline
MIMEAssociationDialogA
MIMEAssociationDialogW
MailToProtocolHandler
MailToProtocolHandlerA
NewsProtocolHandler
NewsProtocolHandlerA
OpenURL
OpenURLA
TelnetProtocolHandler
TelnetProtocolHandlerA
TranslateURLA
TranslateURLW
URLAssociationDialogA
URLAssociationDialogW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfeb52e84fc4da8112232143e9147721

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

shlwapi

shell32

shdocvw

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 76B

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 512B - Virtual size: 394B

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 76B

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 512B - Virtual size: 394B