24440445dd293c3f3113cb7be6060f24d5740b7bda4ae4b1b4c7959e29e17ff7_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

24440445dd293c3f3113cb7be6060f24d5740b7bda4ae4b1b4c7959e29e17ff7_NeikiAnalytics
Size

29KB
MD5

2df36c8a03f38f6642f6a430269e3450
SHA1

78f1e0700eb1780e1f551e70c0f30452f0de697f
SHA256

24440445dd293c3f3113cb7be6060f24d5740b7bda4ae4b1b4c7959e29e17ff7
SHA512

b029a1957d7afd825a6d98272b255c3c3dd24107614918897419a0172239feb0192b03a1bd865b9a2ef33e0fdde48572fe61a5eaee420cd2f154280ec20fd110
SSDEEP

384:NIyKV936AYwWoeLHBkO9Lh1O4drU6OiqIZ:yyhZwxABk2d1C6OiqIZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24440445dd293c3f3113cb7be6060f24d5740b7bda4ae4b1b4c7959e29e17ff7_NeikiAnalytics

Files

24440445dd293c3f3113cb7be6060f24d5740b7bda4ae4b1b4c7959e29e17ff7_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

491605ea8639538f5153206da734c31a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\projects\gfi-languard-httpd-build\build\VS14_x86\httpd\htdigest.pdb

Imports

libapr-1

_apr_file_open@20
_apr_file_close@4
_apr_pool_create_ex@16
apr_terminate
apr_snprintf
_apr_cpystrn@12
apr_psprintf
_apr_password_get@12
_apr_temp_dir_get@8
_apr_file_mktemp@16
apr_file_printf
_apr_file_getc@8
_apr_file_putc@8
_apr_file_open_stderr@8
_apr_file_copy@16
_apr_app_initialize@12

libaprutil-1

_apr_md5_final@8
_apr_md5_update@12
_apr_md5_init@4

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
memset

api-ms-win-crt-runtime-l1-1-0

exit
signal
_seh_filter_dll
terminate
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_seh_filter_exe
_set_app_type
_configure_narrow_argv
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
_controlfp_s
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 305B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1005B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

491605ea8639538f5153206da734c31a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libapr-1

libaprutil-1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.gfids Size: 512B - Virtual size: 305B

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1005B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.gfids
Size: 512B - Virtual size: 305B

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1005B