10504509c0fb919845d1972dd30b9ea0e6257c0e53a0d2bf29298d2350db6ef7_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

10504509c0fb919845d1972dd30b9ea0e6257c0e53a0d2bf29298d2350db6ef7_NeikiAnalytics
Size

334KB
MD5

967cb9dd135fe50534bf484275fde0a0
SHA1

b2e288f46b859f41f1653e7fe4be7bf5a4b73a00
SHA256

10504509c0fb919845d1972dd30b9ea0e6257c0e53a0d2bf29298d2350db6ef7
SHA512

db9e6c960c377b27d2c7df4a509cb603a6ebbe7635bc0cd6d914ece9fb9ba8ad616cef003c5ca58f9ab122f08ac46de9e5fb4875b5dc518e3120afb721e756aa
SSDEEP

1536:uQ8vgrENxUP8B9vDaIwv3KsKF5UOn8Wu9d6+7KA1jUpycMPHHyBCDP1a3CVxeFGI:uQ4GEvUPw9vDaI1r8zVzxCywTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10504509c0fb919845d1972dd30b9ea0e6257c0e53a0d2bf29298d2350db6ef7_NeikiAnalytics

Files

10504509c0fb919845d1972dd30b9ea0e6257c0e53a0d2bf29298d2350db6ef7_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

4edc9b7d53fe49b0b4fda43243fc4412

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess

oleaut32

SysFreeString
SysAllocString

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
__std_exception_destroy
__std_exception_copy
_CxxThrowException
memset

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_cexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

Exports

Exports

GetDXErrorDescription
GetDXErrorString

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4edc9b7d53fe49b0b4fda43243fc4412

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 253KB - Virtual size: 252KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 624B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 92B

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 253KB - Virtual size: 252KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 624B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 92B