NPAddConnection
NPAddConnection3
NPCancelConnection
NPCloseEnum
NPEnumResource
NPGetCaps
NPGetConnection
NPGetResourceInformation
NPGetResourceParent
NPGetUniversalName
NPOpenEnum
Static task
static1
Behavioral task
behavioral1
Sample
16d2dedf11c99f25e5c143b972ea01f0_NeikiAnalytics.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
16d2dedf11c99f25e5c143b972ea01f0_NeikiAnalytics.dll
Resource
win10v2004-20240508-en
Target
16d2dedf11c99f25e5c143b972ea01f0_NeikiAnalytics.exe
Size
12KB
MD5
16d2dedf11c99f25e5c143b972ea01f0
SHA1
c963c6379931d93567dd5eb0678ebcf3ea8c198c
SHA256
4a403d5809b1bd1c38db2719601d3b1a02020dcc5de3ba543e1c76cb79592b82
SHA512
8158e272b963832017729c8fe679c550b86a98f3157d37d838f0e461f1becc79db3fd1bf68002b4eed2ec4b25358f4c35ae37c973b0d07174c944618c0868fb0
SSDEEP
192:bSXH82ZvlpvY9A4AI9rPa32JIGTkILWxlUW:bSjZvA9Aia3sIGTkILWxlUW
Checks for missing Authenticode signature.
resource |
---|
16d2dedf11c99f25e5c143b972ea01f0_NeikiAnalytics.exe |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetLastError
QueryDosDeviceW
ProcessIdToSessionId
GetCurrentProcessId
WTSGetActiveConsoleSessionId
TerminateProcess
GetCurrentProcess
DefineDosDeviceW
CloseHandle
DisableThreadLibraryCalls
HeapAlloc
HeapFree
wcsstr
wcscat
wcschr
wcslen
wcsncpy
wcscpy
_wcsnicmp
swprintf
NtFsControlFile
NtClose
RtlAppendUnicodeToString
NtCreateFile
NtOpenFile
RtlInitUnicodeString
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
NPAddConnection
NPAddConnection3
NPCancelConnection
NPCloseEnum
NPEnumResource
NPGetCaps
NPGetConnection
NPGetResourceInformation
NPGetResourceParent
NPGetUniversalName
NPOpenEnum
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ