5282a36a9111cd02fb342ff5f0908c66de4073840f10acd40d7b00ba152facb7_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

5282a36a9111cd02fb342ff5f0908c66de4073840f10acd40d7b00ba152facb7_NeikiAnalytics
Size

237KB
MD5

5fa6bc8c7a710cff4dec19dd9bb49bf0
SHA1

81d5311ee6726b6728ccf91bf1588c2fd7be79cf
SHA256

5282a36a9111cd02fb342ff5f0908c66de4073840f10acd40d7b00ba152facb7
SHA512

adcc6091f19348cabcecf6b07ec9be00627e1efe45ae4fff91a58be833ffb2c41e95cf7e0ea748ded761406e2bdbe1dd0e4ba3a1d1c3080908b21c7bba1be600
SSDEEP

6144:1wBghXlIi2LK8xbdaehqez6oi/JfOMBfc6Oj4:Ugh1x2L5nq5oW9OyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5282a36a9111cd02fb342ff5f0908c66de4073840f10acd40d7b00ba152facb7_NeikiAnalytics

Files

5282a36a9111cd02fb342ff5f0908c66de4073840f10acd40d7b00ba152facb7_NeikiAnalytics
.dll windows:5 windows x86 arch:x86

a385878aff3d588d6f009f7d3cc25707

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libgpac

gf_m4a_get_config
gf_m4a_write_config
gf_ftell
gf_bs_read_data
gf_service_disconnect_ack
gf_service_download_new
gf_dm_sess_process
gf_mem_strdup
gf_service_download_update_stats
gf_dm_sess_get_stats
gf_dm_sess_get_cache_name
gf_fopen
gf_fclose
gf_dm_sess_abort
gf_service_download_del
gf_mem_realloc
gf_service_connect_ack
gf_service_send_packet
gf_modules_get_option
gf_log_tool_level_on
gf_log_lt
gf_log
gf_mem_malloc
gf_mem_free
gf_service_command
gf_sleep
gf_bs_from_file
gf_fseek
gf_bs_get_position
gf_bs_available
gf_bs_read_u8
gf_bs_read_int
gf_bs_read_u16
gf_bs_seek
gf_bs_skip_bytes
gf_odf_desc_new
gf_list_add
gf_service_declare_media
gf_odf_desc_esd_new
gf_bs_new
gf_bs_write_int
gf_bs_align
gf_bs_get_content
gf_bs_del
gf_service_check_mime_register
gf_service_register_mime

msvcr100

strrchr
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
qsort
_CIlog
_CIcos
_CIsin
_CIsqrt
memmove
free
malloc
_CIpow
sscanf
strstr
strchr
memcpy
atof
_gmtime64
_time64
_strnicmp
memset

kernel32

IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsProcessorFeaturePresent
EncodePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer

Exports

Exports

LoadInterface
QueryInterfaces
ShutdownInterface

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a385878aff3d588d6f009f7d3cc25707

Headers

DLL Characteristics

File Characteristics

Imports

libgpac

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 10KB - Virtual size: 10KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 10KB - Virtual size: 10KB

.reloc
Size: 3KB - Virtual size: 3KB