3821e8b6bb43928544a8391ddd8f61a0_NeikiAnalytics

General

Target

3821e8b6bb43928544a8391ddd8f61a0_NeikiAnalytics
Size

21KB
MD5

3821e8b6bb43928544a8391ddd8f61a0
SHA1

a8210efb55ddd7fcfd545513c910e8ff0c7ef9e5
SHA256

c4f4838dfa52c2e9a4e84f96f3807c9fd5146221bc2b4901967288c280fa7cfb
SHA512

34d2da0862ff101be43223dfc6bb715d676e41c40d80e6942b8c1a810ec4baa26d3026e164a737e548f4d5b2ae45ce469d7dd49807f7662dc6b33b9c19f92cc7
SSDEEP

384:B3NMNLwt56N379IZk2PEPyDSAMbjNTDibB7Lc02ikFpQl:RuNY6N35IZQYbMnN+BvKikFE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3821e8b6bb43928544a8391ddd8f61a0_NeikiAnalytics

Files

3821e8b6bb43928544a8391ddd8f61a0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

8967edc47b24f3ec9f113c8ad5f3e94d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strftime
time
localtime
strstr
remove
strncat
atoi
sprintf
fgetc
_flsbuf
rewind
fread
fseek
ftell
fopen
free
exit
fclose
malloc
fwrite

kernel32

GetStartupInfoA
GetVolumeInformationA
GetTempPathA
GetSystemDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetModuleHandleA
GetCommandLineW
CreateFileA
WriteFile
GetTickCount
LoadLibraryA
GetProcAddress
CreateFileW
GetFileSize
GetProcessHeap
HeapAlloc
CloseHandle
ReadFile

user32

RegisterClassExA
CreateWindowExA
LoadIconA
LoadCursorA
DestroyWindow
DispatchMessageA
PeekMessageA
TranslateMessage
GetMessageA
SetTimer
PostQuitMessage
DefWindowProcA

shell32

ShellExecuteExA
CommandLineToArgvW
ShellExecuteA

wsock32

gethostbyname
WSAStartup
ioctlsocket
htons
socket
send
closesocket
WSACleanup
recv
connect

advapi32

RegSetValueExA
RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey

imagehlp

MapFileAndCheckSumA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8967edc47b24f3ec9f113c8ad5f3e94d

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

shell32

wsock32

advapi32

imagehlp

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB