d05cd359ed05274d1bfd8efb15cddb00_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

d05cd359ed05274d1bfd8efb15cddb00_NeikiAnalytics
Size

48KB
MD5

d05cd359ed05274d1bfd8efb15cddb00
SHA1

ddcfd30ce1ce41f18162b14e2611998fa5d474df
SHA256

12532dcf277d1d3610f8fd860eefc89bbad26af7e7a0d0b50d4059b00431a927
SHA512

867e57bf7b27a495e512e7201328787b5ab4e30eb44219d65edfcd27cf85f35f45d98942664a87c27be3bc8657eff66755e07ec5d0b7ded8b1663bc2bd84082d
SSDEEP

768:KZv4WR7RUKmC3D4mBk+8e3MVWn9zIrR+dF+YDk1Pf9HSS6nKgyXigLLLDD7C5:K14G7RUMaNBvwdef9HSS6nKgyXigLLLH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d05cd359ed05274d1bfd8efb15cddb00_NeikiAnalytics

Files

d05cd359ed05274d1bfd8efb15cddb00_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

f2020d76bf83d8774e109bd95324bbab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LeaveCriticalSection
EnterCriticalSection
GlobalSize
DeleteCriticalSection
InitializeCriticalSection
GlobalHandle
GlobalAlloc
GlobalLock
CloseHandle
GlobalUnlock
GlobalFree
SetFilePointer
ReadFile
WriteFile
GetProcAddress
LoadLibraryA
CreateFileW
GetFileSize
CreateFileA

user32

wvsprintfA
SetDlgItemInt
GetDlgItemInt
GetDlgItem
wsprintfW
SendMessageW
MessageBoxA
GetDlgItemTextW
SetDlgItemTextW
SetClipboardData
wvsprintfW
CloseClipboard
ShowWindow
EmptyClipboard
OpenClipboard
MessageBoxW
EnableWindow
FillRect
EndDialog
GetFocus
DialogBoxParamW
LoadStringW

gdi32

TextOutW
CreateHatchBrush
CreateCompatibleBitmap
CreateDCA
DeleteDC
DeleteObject
SelectObject
SetDIBits
CreateCompatibleDC
GetObjectW
CreateBitmap
FloodFill
LineTo
BitBlt
MoveToEx
Rectangle
SetROP2

djp

JpgRotW
JpgRot1
JpgStampW

djpalign

AlignedJpg2Dib
AlignedJpgRotW
AlignedJpgRot1

mcppl

WPPInt
ErrorMessage
DelTree
GPPInt
DefaultDlg
Quote
IsDirectory
ErrorMsg
WPPStr
GPPStr

msvcrt

atoi
_wtol
swprintf
wcscat
_wrename
_wmkdir
_wremove
_wfopen
fseek
wcscpy
fwrite
fclose
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
wcscmp
_ftol
atan
fabs
wcslen
fread
__CxxFrameHandler
memmove
memcpy

Exports

Exports

?ExpandIndex@@YAJPAG0@Z
OutputFormatAppClose
OutputFormatAppOpen
OutputFormatAppSetup
OutputFormatBtcValidate
OutputFormatDescription
OutputFormatDisplay
OutputFormatLabel
OutputFormatMode
OutputFormatProcess
OutputFormatVersion

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2020d76bf83d8774e109bd95324bbab

Headers

File Characteristics

Imports

kernel32

user32

gdi32

djp

djpalign

mcppl

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB