138fa33cc6cd6fd9c51bd1c0a9dde450_NeikiAnalytics

General

Target

138fa33cc6cd6fd9c51bd1c0a9dde450_NeikiAnalytics
Size

28KB
MD5

138fa33cc6cd6fd9c51bd1c0a9dde450
SHA1

0226ff3e572dabf7b3dacc03055292653d5357ed
SHA256

896f36272f31ac8aa0bbb47644ba670e1fe5f2a6d53bb3407b0c9f5aa958c777
SHA512

019fed389cfb5ddd227728743946df4cf23775a387f28f120dd16ee0269348a1739dc657b3d7460915f093a956c9c3b0d2e4543920090c8c4b83aa4dd04ee5fd
SSDEEP

384:YnZ6vGKVHJY3c/mlvl29yyDsY5trh6oZPK70:YZ6vXJHnyuhlh6oEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
138fa33cc6cd6fd9c51bd1c0a9dde450_NeikiAnalytics

Files

138fa33cc6cd6fd9c51bd1c0a9dde450_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

db6b2f7b967693116577bacdb325a858

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
LoadStringA
MessageBoxA

winspool.drv

DeleteMonitorA
EnumPortsA
EnumMonitorsA

advapi32

RegDeleteKeyA
RegCloseKey
RegOpenKeyExA

kernel32

LCMapStringW
LoadLibraryA
GetProcAddress
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
LCMapStringA
GetCurrentProcess
LocalFree
LocalHandle
lstrcatA
FormatMessageA
GetLastError
SetLastError
WritePrivateProfileStringA
GetWindowsDirectoryA
MoveFileExA
DeleteFileA
lstrcpyA
GetSystemDirectoryA
lstrcmpA
lstrlenA
GetVersion
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

db6b2f7b967693116577bacdb325a858

Headers

File Characteristics

Imports

user32

winspool.drv

advapi32

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 24KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 24KB