9f821ecb91d58bbaab3a0faf03c1e700_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

9f821ecb91d58bbaab3a0faf03c1e700_NeikiAnalytics
Size

64KB
MD5

9f821ecb91d58bbaab3a0faf03c1e700
SHA1

2d1be8f600ec59ead1b2ab75dfc844130689ee88
SHA256

247a36f1112716c8f9005c87ebf949afa8c52a1752aa874e177fa121f487e4f6
SHA512

469e6179d046e8fa229509546ef7d4ea1f6298490b8cb4b4416146becdec9a25839ddf3f4f04b11f5dfe7ff711a7f033a1d100c0a842b2b6667e030bd0e8ea46
SSDEEP

768:wA0dFEzr0oSdxqy5jX9MLN708sNKm2OfpcIHZx7EMc2BFiB9GvsXMWBCo0B:knEzaqy5TMz5OfpcCHocRs89o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f821ecb91d58bbaab3a0faf03c1e700_NeikiAnalytics

Files

9f821ecb91d58bbaab3a0faf03c1e700_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

edb85f46733f08828718aaf04e1fe528

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
GetOEMCP
LCMapStringA
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
HeapReAlloc
FindFirstFileA
LCMapStringW
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentDirectoryA
Sleep
FindNextFileA
VirtualAlloc
HeapAlloc
SetHandleCount
UnhandledExceptionFilter
ReadFile
GetProcAddress
GetStartupInfoA
GetLastError
GetModuleHandleA
SetFilePointer
GetCurrentProcess
TerminateProcess
HeapFree
CloseHandle
GetCommandLineA
GetVersion
ExitProcess

user32

DialogBoxParamA
SetWindowTextA
MessageBoxA
EndPaint
BeginPaint
LoadImageA
SetMenuItemInfoA
GetMenu
GetSystemMetrics
SetWindowPos
EndDialog
GetDlgItemTextA
SetDlgItemTextA
PostMessageA
PostQuitMessage
GetClientRect
SetScrollInfo
GetActiveWindow
InvalidateRect
SendMessageA
GetCursorPos
ScreenToClient
DefWindowProcA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
DispatchMessageA
TranslateMessage

gdi32

GetStockObject
GetObjectA
SelectObject
DeleteDC
CreateCompatibleDC
BitBlt

comdlg32

GetOpenFileNameA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edb85f46733f08828718aaf04e1fe528

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 760B

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 760B