b49edaa62373009a4f42cefaec62ee60_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

b49edaa62373009a4f42cefaec62ee60_NeikiAnalytics
Size

15KB
MD5

b49edaa62373009a4f42cefaec62ee60
SHA1

1541d18007ce1aa10b4849cb326c2ab05f3614f9
SHA256

f5f22920f96f3f4d08ecb5d5e118a0aacd9dfdc6bc2b37abab324588eaa29586
SHA512

7bd246725c52178f82b432df7e5dd27172d8e25682ed5662f3c5c5525ae9dd2fb631ac8a7e3beb6a2de2cbc6b7df9be2c85b28a7fb2fb75f30ed7fff1032ebc7
SSDEEP

192:IX9drHgnflra5g6sXgdFNDBNKUSO5szw5gJlwheP1oynnv8U9j8S:6+rWCuNDb5sqklsI19v8U9jt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b49edaa62373009a4f42cefaec62ee60_NeikiAnalytics

Files

b49edaa62373009a4f42cefaec62ee60_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

e72bfe52721b342d2cf8addfc02aa850

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__set_app_type
_except_handler3
__p__commode
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
mbstowcs
atoi
_wfopen
fgets
fclose
strtok
strchr
strcpy
strcat
memset
strstr
srand
rand
sprintf
strlen

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetOpenUrlW
InternetOpenW
InternetReadFile

shlwapi

StrStrA
StrCmpNA
PathFileExistsW

ws2_32

recv
select
htons
gethostbyname
inet_addr
connect
socket
closesocket
setsockopt
shutdown
WSAStartup
send

dnsapi

DnsFree
DnsQuery_A

kernel32

GetLocalTime
Sleep
CloseHandle
WriteFile
FileTimeToLocalFileTime
ExitThread
ExitProcess
DeleteFileW
CreateThread
GetTickCount
FileTimeToSystemTime
CreateFileW
lstrlenA
ExpandEnvironmentStringsW
GetModuleFileNameW
GetLastError
CreateMutexA
GetModuleHandleA
GetStartupInfoA
GetTimeZoneInformation

user32

wsprintfA
wsprintfW

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e72bfe52721b342d2cf8addfc02aa850

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

wininet

shlwapi

ws2_32

dnsapi

kernel32

user32

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1024B - Virtual size: 676B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1024B - Virtual size: 676B