030e3fccb8a171df40cfc8007af68190_NeikiAnalytics

General

Target

030e3fccb8a171df40cfc8007af68190_NeikiAnalytics
Size

261KB
MD5

030e3fccb8a171df40cfc8007af68190
SHA1

40a99d1d6bd9eaeb9e14e80e010387b5596f6713
SHA256

636c55f35b206c462f73e0c1233ff32cf2cbbef39158850742cb454962b7fc8b
SHA512

cf108e7b84ae875871836a7bf6c686ef0cb5f42366aba1e410ae7465588f0106fad204db61343642d38751783afa2634352455779ab20b21653dce0001d91ea1
SSDEEP

6144:VaRo0JlaDKveb74Bjpx8xV2r+7xZVU90MhAoa8TaH:VQ79SEjyMr+e90MF1Ta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
030e3fccb8a171df40cfc8007af68190_NeikiAnalytics

Files

030e3fccb8a171df40cfc8007af68190_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

590899d94319f050b5ca42c5c292b441

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
SetHandleCount
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetProcAddress
Sleep
HeapReAlloc
TlsFree
GetFileType
IsDebuggerPresent
GetCurrentProcessId
HeapAlloc
GetCPInfo
GetTimeFormatA
WideCharToMultiByte
GetModuleHandleA
TlsAlloc
lstrcmpA
EnumSystemLocalesA
VirtualFree
HeapCreate
MultiByteToWideChar
GetLocaleInfoA
LeaveCriticalSection
TlsGetValue
GetACP
InterlockedDecrement
FreeEnvironmentStringsW
RemoveDirectoryA
ExitProcess
GetTickCount
FreeEnvironmentStringsA
SetConsoleCtrlHandler
HeapFree
GetStartupInfoA
GetModuleFileNameA
LCMapStringA
LoadLibraryA
QueryPerformanceCounter
GetOEMCP
VirtualAlloc
CompareStringW
GetLastError
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStdHandle
GetTimeZoneInformation
HeapSize
WriteFile
EnterCriticalSection
SetLastError
GetLocaleInfoW
GetSystemTimeAsFileTime
GetStringTypeA
GetDateFormatA
CompareStringA
GetStringTypeW
GetUserDefaultLCID
GetCurrentThread
UnhandledExceptionFilter
TlsSetValue
LCMapStringW
GetCommandLineA
HeapDestroy
GetModuleHandleW
FreeLibrary
SetEnvironmentVariableA
GetEnvironmentStrings
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedExchange
IsValidCodePage
InterlockedIncrement

user32

ScreenToClient
InvertRect
WINNLSEnableIME
GetMenuItemRect
GetDCEx
DdeQueryConvInfo
GetMenuItemInfoW
FindWindowA
GetKeyboardLayout
DrawTextA
PostQuitMessage
CreateDialogIndirectParamA
SetScrollInfo

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

590899d94319f050b5ca42c5c292b441

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 118KB - Virtual size: 118KB

.data Size: 138KB - Virtual size: 137KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 118KB - Virtual size: 118KB

.data
Size: 138KB - Virtual size: 137KB

.rsrc
Size: 4KB - Virtual size: 3KB