ddeabd84189e1a60700f7d1bfbdff4e0_NeikiAnalytics

General

Target

ddeabd84189e1a60700f7d1bfbdff4e0_NeikiAnalytics
Size

1.7MB
MD5

ddeabd84189e1a60700f7d1bfbdff4e0
SHA1

cc7450fb619c04e71cd341d8808f52eb73e063d1
SHA256

f45ecd403fc72d16a8bc13fee27295e1f160332f16dbed6500f98734fef11b65
SHA512

c7716795d5de337bd45fcd2af045006bfea77744992b8b926c15d2f7b5d3bc0bdc5f3cd20f12126d41705e65e8cd3315008b0f1cc113802229d6d942a684a2a2
SSDEEP

24576:f3sSijQGqsRr8OwG5FNVxEn1tXqrdaQJEzY9yLGYT1D9D7cecmFZ41wtTMWAkIO:f8pqsRr8OwG9A1ITJEzSzqPcec8/AE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddeabd84189e1a60700f7d1bfbdff4e0_NeikiAnalytics

Files

ddeabd84189e1a60700f7d1bfbdff4e0_NeikiAnalytics
.exe windows:1 windows x86 arch:x86

80a6fc792c2f7bffc4730e1331c8f15a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoInitialize
CoUninitialize

dplayx

ord4
ord1

winmm

timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetTime

mss32

_AIL_allocate_sample_handle@4
_AIL_end_sample@4
_AIL_init_sample@4
_AIL_load_sample_buffer@16
_AIL_mem_alloc_lock@4
_AIL_mem_free_lock@4
_AIL_minimum_sample_buffer_size@12
_AIL_ms_count@0
_AIL_release_sample_handle@4
_AIL_resume_sample@4
_AIL_sample_buffer_ready@4
_AIL_sample_status@4
_AIL_sample_volume@4
_AIL_set_sample_file@12
_AIL_set_sample_loop_count@8
_AIL_set_sample_pan@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_position@8
_AIL_set_sample_type@12
_AIL_set_sample_volume@8
_AIL_shutdown@0
_AIL_start_sample@4
_AIL_startup@0
_AIL_stop_sample@4
_AIL_waveOutOpen@16

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA

msvfw32

ICDecompress
ICLocate
ICSendMessage

Sections

[Tbc]
Size: 1.4MB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

[Tbc]
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

[Tbc]
Size: 173KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

[Tbc]
Size: 926KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

[Tbc]
Size: 76KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

[Tbc]
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80a6fc792c2f7bffc4730e1331c8f15a

Headers

File Characteristics

Imports

ole32

dplayx

winmm

mss32

advapi32

msvfw32

Sections

[Tbc] Size: 1.4MB - Virtual size:

[Tbc] Size: 5KB - Virtual size:

[Tbc] Size: 173KB - Virtual size:

[Tbc] Size: 926KB - Virtual size:

[Tbc] Size: 76KB - Virtual size:

[Tbc] Size: 2KB - Virtual size:

[Tbc]
Size: 1.4MB - Virtual size:

[Tbc]
Size: 5KB - Virtual size:

[Tbc]
Size: 173KB - Virtual size:

[Tbc]
Size: 926KB - Virtual size:

[Tbc]
Size: 76KB - Virtual size:

[Tbc]
Size: 2KB - Virtual size: