be10efd1bc1a8cfb99c470dcbcc3dfd0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be10efd1bc1a8cfb99c470dcbcc3dfd0_NeikiAnalytics
Size

76KB
MD5

be10efd1bc1a8cfb99c470dcbcc3dfd0
SHA1

348225661e3bbd8544e2c3288463ec81f0249286
SHA256

802caaf6e6527813656641e4450895d4c166e053334fc61781f8041832db58a1
SHA512

338f6b0c678dd4624b1b41638a36f773c3d66468ff27910672196ddeb68ef93e181af55d508599c9efd3e64fe1bd029f57bab221d111e7a25f12b386745c49ab
SSDEEP

768:qZtRyqYA+PwyEsbqUawgvCupKJmVSg5MCojFP:qZ3yqYA+PwypqUapHpKJUh5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be10efd1bc1a8cfb99c470dcbcc3dfd0_NeikiAnalytics

Files

be10efd1bc1a8cfb99c470dcbcc3dfd0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

ccd1adc48e21e226ecf5f9c68e0fa802

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsDialogMessageA
IsZoomed
DrawIcon
PostMessageA
DispatchMessageA
SetCursorPos
ShowWindow
GetWindowLongA
LoadImageA
SetFocus
IsWindow
GetWindowTextA

certcli

CADeleteCA
CAEnumNextCA
CAEnumFirstCA
CAEnumCertTypes

wtsapi32

WTSSetUserConfigW
WTSEnumerateProcessesA
WTSVirtualChannelClose
WTSQuerySessionInformationA
WTSCloseServer
WTSQueryUserToken
WTSEnumerateServersA
WTSVirtualChannelQuery
WTSSetSessionInformationA
WTSFreeMemory
WTSVirtualChannelWrite
WTSSendMessageA

kernel32

WriteFile
GetCurrentDirectoryA
ExpandEnvironmentStringsA
GetConsoleAliasW
CreateMutexA
SleepEx
CopyFileA
CreateNamedPipeW
GetPrivateProfileIntA
HeapCreate
QueryDosDeviceA
WriteProcessMemory
LoadLibraryA
SetEnvironmentVariableA
GetFullPathNameA
CreateEventW
GetTickCount
GetTimeFormatA
GetLongPathNameA
GetProcessHeap

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ