df588b9562d5b681adef3d58ff9ff330_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

df588b9562d5b681adef3d58ff9ff330_NeikiAnalytics
Size

216KB
MD5

df588b9562d5b681adef3d58ff9ff330
SHA1

cc10d8559adbae61f142500c37f26317f2dc334f
SHA256

1f9beca329b717cb01c2944dfa7327ed658a39fdef1e51694b262f51f5461490
SHA512

27613e82c7b1a4e9c6560d5d72890a9b1a1486af0c450a233253ae32ed71cf1309daa0391485c6d25b463b522a242e8eb1f7a6b73974774b90652d0f38b5afee
SSDEEP

3072:u4r8DNbDzQOPiZpzHy1KBeeQyXS4o1gob3VEQEqe1BuLscl:uPBDEOqXHyKeeQ6ugO3VXPOuLs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df588b9562d5b681adef3d58ff9ff330_NeikiAnalytics

Files

df588b9562d5b681adef3d58ff9ff330_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

8900640740176ecd3205f6e96f05eb15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Sandbox\Ptg\Analog Devices\VisualDSP 5.0\Blackfin\Examples\usb\host\windows\hostapp\Debug\hostapp.pdb

Imports

setupapi

SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

kernel32

HeapAlloc
GetNumberOfConsoleInputEvents
PeekConsoleInputA
GetConsoleMode
SetConsoleMode
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleTextAttribute
SetConsoleCursorPosition
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
QueryPerformanceFrequency
QueryPerformanceCounter
SetConsoleWindowInfo
CloseHandle
CreateFileA
GetLastError
CreateEventA
CancelIo
GetOverlappedResult
WaitForSingleObject
ReadFile
WriteFile
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
GetVersionExA
GetProcAddress
LoadLibraryA
GetCommandLineA
GetModuleHandleA
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapFree
TerminateProcess
GetCurrentProcess
ExitProcess
WriteConsoleA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetProcessHeap
FreeLibrary
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetConsoleCtrlHandler
MultiByteToWideChar
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
InterlockedExchange
LCMapStringA
LCMapStringW
GetLocaleInfoA
SetEndOfFile
ReadConsoleInputA

Sections

.textbss
Size: - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8900640740176ecd3205f6e96f05eb15

Headers

File Characteristics

PDB Paths

Imports

setupapi

kernel32

Sections

.textbss Size: - Virtual size: 78KB

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 78KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 3KB