10ac64d69b003a7ddd76ad837db4bf50_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

10ac64d69b003a7ddd76ad837db4bf50_NeikiAnalytics
Size

14KB
MD5

10ac64d69b003a7ddd76ad837db4bf50
SHA1

3c1e45f7dac49fed72c8c7252e01f46275c877ed
SHA256

2273f3ec2c17cecd7888798941a8c5047465851bf64dcc97dbee6752a6d8ec95
SHA512

2394451bbfcccd909180ac38e7a001aa2039328bc3e6029a771d6f52df909a5441ff355fcabe12b1e928e6e5763c0a860df2b2034a168d979708ef035a57c521
SSDEEP

192:T1dze9ic4d22uGo5s54UZ+D7aGAfJGhqm3HXXQ3fQU3XjupMLQN3fLrujib5T:T15hcP7J5smrq5fJsqm33X4LL6Dr6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10ac64d69b003a7ddd76ad837db4bf50_NeikiAnalytics

Files

10ac64d69b003a7ddd76ad837db4bf50_NeikiAnalytics
.dll windows:5 windows x64 arch:x64

ef5746ddd8659355f305b632a350b9f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

liblm

?x915683265@x1759739260@@SAXXZ
?x19388192@x1759739260@@2HA
?setPrimaryInfo@x1759739260@@SAXAEAHPEAPEADI@Z
?x1820730780@x1759739260@@2IA
?instance@LM_ProductInfoTable@@SAAEAV1@XZ
?x188850740@x1759739260@@SAXHI@Z
?x996145766@x1759739260@@SAPEBDI@Z
?x234184334@x1759739260@@2_NA
?x466600563@x1759739260@@2HA
?x1038866911@x1759739260@@2PAHA
?x945041775@x291589374@@SAHH@Z
?x5a10024d@x1759739260@@SAHI@Z
?x45527330@x1759739260@@SAXAEAVUT_WorkBuffer@@I@Z
?x537453217@x1759739260@@SAIAEAVUT_WorkBuffer@@@Z
?x1808868900@x1759739260@@SAPEAVUT_NetSocket@@XZ
?x099684882@x1759739260@@SAHIHH@Z
?theLastValue1@x1759739260@@2HA
?x80204583@x1759739260@@SAIH@Z
?x7236230@x1759739260@@SA_NI@Z
?x152552342@x1759739260@@SA_NXZ

libut

??0UT_WorkBuffer@@QEAA@XZ
?getInt@UT_EnvControl@@SAHW4UT_IntControl@@@Z
?utTempMsg@@3HA
??1UT_WorkBuffer@@QEAA@XZ
?setWaitForUserToClose@UT_Console@@SAXH@Z
??1UT_NetPacket@@UEAA@XZ
??1theTmpDirLockStaticInit@@QEAA@XZ
??0theTmpDirLockStaticInit@@QEAA@XZ
?exit@UT_Exit@@SAXW4UT_ExitCode@1@@Z
??0UT_String@@QEAA@PEBDHH@Z
??4UT_String@@QEAAAEAV0@PEBD@Z
??YUT_String@@QEAAAEAV0@PEBD@Z
??1UT_String@@QEAA@XZ
?readPacket@UT_NetPacket@@QEAAIAEAVUT_NetSocket@@AEAVUT_WorkBuffer@@H@Z
??0UT_NetPacket@@QEAA@II@Z
?getUserHost@UT_NetPacket@@SAPEBDXZ
?strcpy@UT_WorkBuffer@@QEAAXPEBD@Z
?writeData@UT_NetPacket@@QEAAHAEAVUT_NetSocket@@PEBXI@Z
?flush@UT_NetPacket@@QEAAHAEAVUT_NetSocket@@@Z
?UTspawn@@YAHPEBDH_N1@Z

python26

_Py_TrueStruct
PyImport_ExecCodeModule
Py_CompileStringFlags
Py_InitModule4_64
PyRun_SimpleStringFlags
_Py_ZeroStruct

msvcr90

__crt_debugger_hook
_encode_pointer
__dllonexit
_unlock
__C_specific_handler
__CxxFrameHandler3
_getpid
strtol
sprintf
_time64
_onexit
_decode_pointer
_malloc_crt
_initterm
_initterm_e
free
_encoded_null
_amsg_exit
__CppXcptFilter
__clean_type_info_names_internal
_lock

kernel32

Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

Exports

Exports

initdashboard

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef5746ddd8659355f305b632a350b9f3

Headers

File Characteristics

Imports

liblm

libut

python26

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 512B - Virtual size: 336B

.reloc Size: 512B - Virtual size: 78B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 512B - Virtual size: 336B

.reloc
Size: 512B - Virtual size: 78B