e49730a3e0c3c8c80e6a99b1acd06270_NeikiAnalytics

General

Target

e49730a3e0c3c8c80e6a99b1acd06270_NeikiAnalytics
Size

16KB
MD5

e49730a3e0c3c8c80e6a99b1acd06270
SHA1

663ee47ec0114ac2afce1b7576b6d6d67a85423d
SHA256

1234c10637103e8e59df0c21840d773df738663488baa4125ecd968e3a59352c
SHA512

8f7722474f63a7d5d744e94e895814dd278d55213d38e7e7a4135d7d799b30953ad5e59f24b1f7c794d1270856ceafb4b7e41f28adfa70a4c9e5ce8c5f3f67c1
SSDEEP

192:0dtnN6CCbazU9a2D5GSw/BvPRQX8zJJwdnZjzJ6FEFaXy8qIVj93j5lyzv:G6C3Qp50jTrIRGXy8qIj390z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e49730a3e0c3c8c80e6a99b1acd06270_NeikiAnalytics

Files

e49730a3e0c3c8c80e6a99b1acd06270_NeikiAnalytics
.dll windows:1 windows x86 arch:x86

dd040d3b1b077c5566de48ac03fceb30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersion
LocalAlloc
LocalFree
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

cw3230mt

@$bdele$qpv
@$bnwa$qui
@_CatchCleanup$qv
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__ErrorMessage
__ExceptionHandler
___debuggerDisableTerminateCallback
__flushall
__free_heaps
__ftol
__startupd
_abort
_atof
_atol
_cos
_fabs
_floor
_free
_malloc
_memcpy
_memset
_sin
_sprintf
_sqrt
_stricmp
_strnicmp

Exports

Exports

E3DLLFunc
MAP_Import
__DebuggerHookData

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd040d3b1b077c5566de48ac03fceb30

Headers

File Characteristics

Imports

kernel32

cw3230mt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB