49bfd4095fe9493b899be2a86782fe50_NeikiAnalytics

General

Target

49bfd4095fe9493b899be2a86782fe50_NeikiAnalytics
Size

269KB
MD5

49bfd4095fe9493b899be2a86782fe50
SHA1

025b5fb6a31358ba77d3abe5b2559e375a2bc28c
SHA256

6c29ed90b62a9d267327811ffe92599558f92419a0044307fa5fc51f1a9291fb
SHA512

8c9ec795a76247d33d5cb77be6feac194f03e82947388af261e204d2e1f2024d7046097b9a9fd2745f1d7d2a3d0099f083e1a2d64f261dcc87e3924d544039e1
SSDEEP

6144:aMMQoxYabIA4V4VCOPekEOTZpiH73ekHggte8YJasB+JgjSiMWSM:aMMQoxLe41EOTZw3ekH7tAJah

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49bfd4095fe9493b899be2a86782fe50_NeikiAnalytics

Files

49bfd4095fe9493b899be2a86782fe50_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

ea053eeab13d3d1f48756eefea226a5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_stricmp
_itoa
sprintf
printf
__p__iob
fflush
exit
fgets
sscanf
strstr
strncpy
atof
atoi
memset
strncmp
malloc
free
localtime
mktime
memcpy
vsprintf
vprintf
_CIpow
_strnicmp
fopen
fclose
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp

shell32

ShellExecuteA

kernel32

CreatePipe
CreateProcessA
CloseHandle
ReadFile
GetExitCodeProcess
GetTempPathA
GetTickCount
CreateDirectoryA
FindFirstFileA
FindNextFileA
DeleteFileA
FindClose
SetCurrentDirectoryA
RemoveDirectoryA
GetLocalTime
CopyFileA
CreateMutexA
GetModuleHandleA
GetModuleFileNameA
GetCurrentDirectoryA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
HeapDestroy
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
HeapValidate
GetFullPathNameA
MultiByteToWideChar
GetVersionExA
RtlUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

Sections

.text
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea053eeab13d3d1f48756eefea226a5e

Headers

File Characteristics

Imports

msvcrt

shell32

kernel32

Sections

.text Size: 219KB - Virtual size: 219KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 5KB - Virtual size: 86KB

.text
Size: 219KB - Virtual size: 219KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 5KB - Virtual size: 86KB