426da98d5ead2a04cc551eb856ad9bb831880d6120a9c98acb25892c1b8bf9e6_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

426da98d5ead2a04cc551eb856ad9bb831880d6120a9c98acb25892c1b8bf9e6_NeikiAnalytics
Size

100KB
MD5

566adaa4349e23637eaa2cbdfe33da20
SHA1

9ed3522590a44a5309d0da9c6577db987734c0ab
SHA256

426da98d5ead2a04cc551eb856ad9bb831880d6120a9c98acb25892c1b8bf9e6
SHA512

c8796d1495317101cf75d33919d615b4332705bac8ad9816e452266978215095e9d2607d9a79fdf8260b26c3c6aa8525e4bd11363cc67b8883bab3a1c5eae556
SSDEEP

1536:c76RzHd3x4Tzm46LT2X33gNXkdqdB/Xar0N6k00IxEoFSVzx:3blx42s38kav96/0IxEoF8V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
426da98d5ead2a04cc551eb856ad9bb831880d6120a9c98acb25892c1b8bf9e6_NeikiAnalytics

Files

426da98d5ead2a04cc551eb856ad9bb831880d6120a9c98acb25892c1b8bf9e6_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

196d5e8eb9a21a88d4a6c632373856c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

lstrcpynW
lstrlenW
lstrlenA
GetProcAddress
LoadLibraryW
FindClose
FindFirstFileW
GetModuleFileNameW
FreeLibrary
GetVersionExA
CloseHandle
LocalAlloc
FormatMessageA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
GetLocaleInfoW
GetTimeZoneInformation
SetStdHandle
LoadLibraryA
CompareStringA
CompareStringW
LocalFree
IsValidLocale
GetOEMCP
GetACP
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
GetLastError
MultiByteToWideChar
Sleep
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
GetCPInfo
SetEnvironmentVariableA
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetFilePointer

user32

SetCursor
LoadCursorA
wsprintfA
LoadStringA
GetSystemMetrics
MessageBoxA
GetForegroundWindow

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
StringFromGUID2

Exports

Exports

AnnotateLayout
AnnotateViewWindow
FlagWarning
IsTabletPC
ReleaseEditWindow
TabletPenInput

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

196d5e8eb9a21a88d4a6c632373856c8

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB