60a319ed5ef99f3513fb42f62391f4b0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

60a319ed5ef99f3513fb42f62391f4b0_NeikiAnalytics
Size

52KB
MD5

60a319ed5ef99f3513fb42f62391f4b0
SHA1

b8b3e441b8c49f10c8027d0223ced3b2395e1b76
SHA256

fb12f4122ac1bcabb5e7aa4d1e056498631130d969ef89b39408f34d5750c3e5
SHA512

f39c2123c6798e457f825af3e775aca489f06d57f4eb98f6b8bcaa9d718c45be477d4488d419113734b4a81a5f92a7223127b2fed8de611d7e7b6659b8b700d1
SSDEEP

768:ZjQn/FRr4+xu33pRAmQTlaF+i756cvlO:untRr+5q1pOocvlO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60a319ed5ef99f3513fb42f62391f4b0_NeikiAnalytics

Files

60a319ed5ef99f3513fb42f62391f4b0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f690849beeb36157d49229f8d6a809cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
GetFileSize
CreateFileA
WriteFile
SetFileAttributesA
GetCurrentProcess
WideCharToMultiByte
CreateMutexA
CompareStringA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
GetVersion
GetStartupInfoA
RtlUnwind
LocalAlloc
GetSystemDirectoryA
GetModuleHandleA
IsBadStringPtrA
GetLocalTime
lstrcmpiA
GetVersionExA
GlobalMemoryStatus
GetComputerNameA
GetStringTypeW
GetLastError
GetCurrentThreadId
GetShortPathNameA
LoadLibraryA
FreeLibrary
GetProcAddress
lstrcpyA
GetTempPathA
GetWindowsDirectoryA
lstrcatA
GetFileAttributesA
DeleteFileA
LocalFree
lstrlenA
IsBadReadPtr
IsBadWritePtr
CreateThread
lstrcpynA
GetCommandLineA
WaitForSingleObject
GetTickCount
Sleep
GetModuleFileNameA
ExitProcess

user32

CloseDesktop
wvsprintfA
PeekMessageA
DispatchMessageA
TranslateMessage
wsprintfA
GetUserObjectInformationA
OpenInputDesktop

advapi32

CreateServiceA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegCloseKey
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
SetServiceStatus
ControlService
DeleteService
GetUserNameA
CloseServiceHandle
StartServiceA
OpenServiceA
OpenSCManagerA

shell32

ShellExecuteA

ws2_32

getpeername
ntohs
send
recv
WSAGetLastError
inet_addr
gethostbyaddr
gethostbyname
htons
connect
inet_ntoa
WSACreateEvent
socket
WSACloseEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSACleanup
WSAStartup
closesocket

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f690849beeb36157d49229f8d6a809cf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1KB