a9f502e66689b281306e62a65ba95550_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

a9f502e66689b281306e62a65ba95550_NeikiAnalytics
Size

1.2MB
MD5

a9f502e66689b281306e62a65ba95550
SHA1

8fc79f40e74c88abe0801a55208e3a061f57e842
SHA256

f11cec8c1bc58008b45fa8f87b6a4b04a9d55cae910f3368e7e19ad80cbd9532
SHA512

50e03986b8152db5f57c609af66768e19daa0cadf9473290120e654715297d18a1e5ec23a13019c808f1b17c91a995ef2f6dfab32c070171635085726df17ee8
SSDEEP

24576:UmewowtgM2GXoZ6uoNjTCDvPz+kjF5Y3pfI84MtzaCOsF+uzSmB:UmeXwtJcEjTuPL567zaCOsMzE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9f502e66689b281306e62a65ba95550_NeikiAnalytics

Files

a9f502e66689b281306e62a65ba95550_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

64b324385e8c46894bed31f5424708fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetSystemWindowsDirectoryA
GetNativeSystemInfo
GetComputerNameA
IsBadReadPtr
GetProcessTimes
Sleep
SwitchToThread
GetLastError
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
CreateMutexA
WaitForSingleObject
ReleaseMutex
UnmapViewOfFile
CreateSemaphoreA
ReleaseSemaphore
CreateFileMappingA
MapViewOfFileEx
CreateFileA
GetFileSizeEx
FormatMessageA
LocalFree
CreateDirectoryA
RemoveDirectoryA
SetEndOfFile
SetFilePointerEx
WriteFile
GetProcAddress
OpenProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
SetCurrentDirectoryA
GetFileAttributesA
GetFullPathNameA
GetSystemTime
FileTimeToSystemTime
GetTimeZoneInformation
GetSystemDirectoryA
GetStdHandle
GetConsoleMode
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetFileTime
FlushFileBuffers
GetFileTime
ReadFile
SetFilePointer
GetDriveTypeA
CreateFileW
WriteConsoleW
SetStdHandle
OutputDebugStringW
GetConsoleCP
GetModuleFileNameW
GetOEMCP
GetSystemInfo
SetLastError
GetModuleHandleA
GetModuleFileNameA
VirtualQuery
GetVersionExA
SetPriorityClass
TlsFree
SetThreadPriority
GetCurrentThread
TerminateProcess
HeapFree
GetCurrentDirectoryA
SetConsoleCtrlHandler
OpenEventA
SetEvent
GetACP
SystemTimeToFileTime
GetTempPathA
GetLocalTime
GetDiskFreeSpaceA
GetUserDefaultUILanguage
GetExitCodeThread
GetCurrentThreadId
DuplicateHandle
GetTickCount
GetStartupInfoW
GetCurrentProcessId
GetCurrentProcess
GetProcessHeap
HeapAlloc
IsValidCodePage
HeapSize
HeapCreate
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleW
TlsSetValue
TlsGetValue
EncodePointer
DecodePointer
GetStringTypeW
RaiseException
RtlUnwind
GetFileType
ExitProcess
GetModuleHandleExW
HeapReAlloc
GetCPInfo
LoadLibraryExW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
SetEnvironmentVariableA

user32

GetSystemMetrics
CharUpperBuffA
DrawMenuBar
GetSystemMenu
AppendMenuA
MessageBoxA
CharLowerBuffA
LoadStringA

advapi32

InitializeSecurityDescriptor
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
ReadEventLogA
CloseEventLog
OpenEventLogA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl

ws2_32

WSACleanup

Sections

__wibu00
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu01
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu02
Size: 4KB - Virtual size: 874KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu03
Size: 4KB - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu04
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu05
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu06
Size: 44KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu07
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

64b324385e8c46894bed31f5424708fc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

__wibu00 Size: 284KB - Virtual size: 282KB

__wibu01 Size: 40KB - Virtual size: 39KB

__wibu02 Size: 4KB - Virtual size: 874KB

__wibu03 Size: 4KB - Virtual size: 181B

.rsrc Size: 4KB - Virtual size: 3KB

__wibu04 Size: 800KB - Virtual size: 800KB

__wibu05 Size: 4KB - Virtual size: 4KB

__wibu06 Size: 44KB - Virtual size: 56KB

__wibu07 Size: 20KB - Virtual size: 20KB

__wibu00
Size: 284KB - Virtual size: 282KB

__wibu01
Size: 40KB - Virtual size: 39KB

__wibu02
Size: 4KB - Virtual size: 874KB

__wibu03
Size: 4KB - Virtual size: 181B

.rsrc
Size: 4KB - Virtual size: 3KB

__wibu04
Size: 800KB - Virtual size: 800KB

__wibu05
Size: 4KB - Virtual size: 4KB

__wibu06
Size: 44KB - Virtual size: 56KB

__wibu07
Size: 20KB - Virtual size: 20KB