8dc82bac9b76d99625515c7418440010_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

8dc82bac9b76d99625515c7418440010_NeikiAnalytics
Size

83KB
MD5

8dc82bac9b76d99625515c7418440010
SHA1

0d870aa077a1ca2e7f55deb91b61e80c76927b22
SHA256

4bd0862b46f7cd3a7f394c1ae735f1530602a8880fc9d4141d0b2103628e5beb
SHA512

a7b95d3486e2ee9a6402ab9c037b6e9dcd1e84e61aaf0317740387da6bc83c9597c0672fe994564f2d4216b3a1dbe9d1aa77082e547c00722d4d6bd115ffaae1
SSDEEP

1536:/3yqLKmzPYxsbQwTuR3y9b+HU4V/z+cbWC512AjntzOOMhowYkrgHDQ:PyqLKmzPYxt9FgbEU4VychztyDhDgHDQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dc82bac9b76d99625515c7418440010_NeikiAnalytics

Files

8dc82bac9b76d99625515c7418440010_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

6aebafa495c986f0f702021f6507726f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

dxdllreg.pdb

Imports

advapi32

RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
SetServiceStatus
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

kernel32

GetLastError
CreateDirectoryA
OutputDebugStringA
GetWindowsDirectoryA
LocalFree
FormatMessageA
CompareStringA
GetVersionExA
GetPrivateProfileSectionA
FindClose
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryExA
GetPrivateProfileStringA
GetSystemDirectoryA
lstrlenA
CloseHandle
CreateMutexA
WaitForSingleObject
CreateProcessA
CopyFileA
GetModuleFileNameA
Sleep
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetLocalTime
HeapFree
HeapReAlloc
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvi

setupapi

SetupCloseInfFile
SetupFindNextLine
SetupGetLineTextA
SetupFindFirstLineA
SetupOpenInfFileA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ropf
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aebafa495c986f0f702021f6507726f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

setupapi

version

ole32

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 6KB - Virtual size: 5KB

.ropf Size: 5KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 6KB - Virtual size: 5KB

.ropf
Size: 5KB - Virtual size: 4KB