0f8e2f4795fa24098f2c51476a6460d0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

0f8e2f4795fa24098f2c51476a6460d0_NeikiAnalytics
Size

25KB
MD5

0f8e2f4795fa24098f2c51476a6460d0
SHA1

ae635b25b1654f64d77a421048a56a253db119e5
SHA256

1741b21bb590a2db4622225b33a042c54c7110572f950987fec1f18a954bdb2b
SHA512

fc6e4bfcfa58668fbf9cefaa53d261e80e51c3a28bf628be7f89b0f1c10ef291ae275a21e3a24bafcff5686b210ad360a990ed88bfe653c2ab6280193aaf2b06
SSDEEP

768:iW9aF5VTJ+P/xoUAIpd+o7uMnm9YVN7CrJ0IKIgtG3Y:/9aF5VQPJmmVN7CN0IKIgtG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f8e2f4795fa24098f2c51476a6460d0_NeikiAnalytics

Files

0f8e2f4795fa24098f2c51476a6460d0_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

b5b49331ddcb011108795b561104f82a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\adang\Desktop\MiscProgramming\PythonWin7\Python-3.11.1\PCbuild\win32\_msi.pdb

Imports

cabinet

ord10
ord14
ord11
ord13

msi

ord125
ord163
ord167
ord121
ord48
ord151
ord8
ord160
ord17
ord116
ord158
ord20
ord118
ord32
ord152
ord159
ord149
ord153
ord166
ord77
ord123
ord92
ord148
ord115
ord170

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileW
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime

python311

PyLong_AsUnsignedLongMask
PyArg_ParseTuple
PyUnicode_FromString
_PyObject_CallMethodId
PyMem_RawFree
_PyLong_AsInt
PyExc_TypeError
_PyObject_New
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyErr_NoMemory
PyMem_Free
PyObject_GenericSetAttr
PyErr_Clear
PyErr_NewException
PyUnicode_AsWideCharString
PyLong_AsLong
PyModule_AddObject
PyErr_ExceptionMatches
PyObject_Free
PyModule_Create2
_Py_Dealloc
PyLong_Type
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyUnicode_FromWideChar
_PyArg_BadArgument
_Py_NoneStruct
PyMem_RawMalloc
PyExc_MemoryError
PyLong_FromLong
_PyUnicode_AsUnicode
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyErr_Occurred
PyBytes_AsString
_PyArg_CheckPositional
PyModule_AddIntConstant

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-stdio-l1-1-0

_write
_read
_close
_wopen
_lseek
_tempnam

api-ms-win-crt-filesystem-l1-1-0

_wremove

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_errno
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

free
malloc

Exports

Exports

PyInit__msi

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5b49331ddcb011108795b561104f82a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cabinet

msi

rpcrt4

kernel32

python311

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB