5053f65b84bc5e652fe735f1252ad840_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

5053f65b84bc5e652fe735f1252ad840_NeikiAnalytics
Size

367KB
MD5

5053f65b84bc5e652fe735f1252ad840
SHA1

670ec8d80c5d703813923f61cbd1470370ba8619
SHA256

498c5d4c4c97c36efcefe67306a344c9061d351aaf06c122e2f24f209313eb57
SHA512

6d83efa11b2708f9d835d35415099fc90a64d4e5fdb165bf03cd0e235e2a7a49766609fabd3b52201ee9e07254ad3ca97743ce6e5d90a458a55d2f212b7ab5f2
SSDEEP

6144:3HxYTw0jsrzNy/pPajGjlHKGVgIFoYdrfIOdqU9mHlv0IeTwqDNFkJKQ:3xEH/Jj4NYdrFgwlIekqZKJr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5053f65b84bc5e652fe735f1252ad840_NeikiAnalytics

Files

5053f65b84bc5e652fe735f1252ad840_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

b2bbb913d3cec563af8c430505e1ce57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

glib-lite

ord399
ord244
ord109
ord459
ord406
ord43
ord323
ord309
ord319
ord210
ord212
ord213
ord255
ord457
ord465
ord492
ord469
ord401
ord475
ord485
ord486
ord387
ord386
ord52
ord51
ord54
ord250
ord53
ord400
ord398
ord308
ord480
ord376
ord171
ord175
ord168
ord176
ord169
ord304
ord198
ord145
ord10
ord1
ord2
ord5
ord238
ord327
ord211
ord464
ord478
ord249
ord242
ord222
ord458
ord412
ord413
ord439
ord421
ord359
ord241
ord240
ord326

gstreamer-lite

ord8
ord11
ord7
ord5
ord4
ord170
ord166
ord151
ord74
ord10
ord6
ord9
ord59
ord110
ord116
ord113
ord103
ord72
ord86
ord135
ord136
ord134
ord167
ord168
ord169
ord149
ord23
ord28
ord93
ord94
ord92
ord91
ord165
ord162
ord97
ord25
ord2
ord37
ord52
ord65
ord84
ord148
ord163
ord164
ord95
ord100
ord171
ord42
ord40
ord127
ord109
ord126
ord101
ord124
ord108
ord68
ord67
ord76
ord71
ord77
ord63
ord133
ord142
ord139
ord143
ord137
ord27
ord3
ord1
ord111
ord112
ord128
ord154
ord50
ord51
ord57
ord38
ord47
ord41
ord39
ord56
ord117
ord125
ord115
ord114
ord102
ord105
ord123
ord122
ord120
ord119
ord98
ord104
ord121
ord107
ord153
ord75
ord69
ord62
ord70
ord73
ord64
ord66
ord140
ord138
ord141
ord150
ord26
ord22
ord21
ord24
ord34
ord32
ord33
ord157
ord158
ord161
ord159
ord144

kernel32

GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
WaitForSingleObject
CreateMutexA
CloseHandle
CreateFileA
ReadFile
SetFilePointer
WriteFile
GetTempPathA
GetTempFileNameA
GetLastError
FreeLibrary
LoadLibraryA
SetEvent
ResetEvent
ReleaseSemaphore
CreateEventA
WaitForMultipleObjects
GetCurrentProcess
GetCurrentThreadId
lstrcmpW
CreateSemaphoreA
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
GetTickCount
GetVersionExA
GetModuleHandleA
InitializeCriticalSection
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

ole32

CLSIDFromString
CoInitialize
CoFreeUnusedLibraries
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoTaskMemAlloc

vcruntime140

_purecall
strstr
memcpy
memcmp
__CxxFrameHandler3
memset
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh
calloc

api-ms-win-crt-utility-l1-1-0

abs

api-ms-win-crt-math-l1-1-0

_except1

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_configure_narrow_argv
_initialize_narrow_environment
_execute_onexit_table
_cexit
_seh_filter_dll
_initialize_onexit_table

winmm

timeSetEvent
timeKillEvent
timeBeginPeriod
timeEndPeriod

user32

DispatchMessageA
GetQueueStatus
MsgWaitForMultipleObjects
RegisterWindowMessageA
PostThreadMessageA
PeekMessageA

Exports

Exports

gst_plugin_desc

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 230KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2bbb913d3cec563af8c430505e1ce57

Headers

DLL Characteristics

File Characteristics

Imports

glib-lite

gstreamer-lite

kernel32

ole32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

winmm

user32

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 230KB - Virtual size: 232KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 230KB - Virtual size: 232KB