1f14945ccce59ee14c8caaa04273fdf0_NeikiAnalytics

General

Target

1f14945ccce59ee14c8caaa04273fdf0_NeikiAnalytics
Size

27KB
MD5

1f14945ccce59ee14c8caaa04273fdf0
SHA1

54196d33e3954cc274faff2351ef810254e78398
SHA256

c588c7ec9784cb45a5d90596f04f3134b32273e60d509ee9cd414de3ec844566
SHA512

463e873826abae637a6a49f74d33a1645919bcb1d59973fa37838575519fe80abfc62c8b092ec6be19846c2ec50b3cd7e18d0a728d9363cbf2496ccf6b0d34d8
SSDEEP

384:fJVW1TCsGFX6/555+555ypYkyEEpYZGW9mULztqZYsY1jhdnwX:uCZ6/555+555spYpYZGW9m4pF/9hJG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f14945ccce59ee14c8caaa04273fdf0_NeikiAnalytics

Files

1f14945ccce59ee14c8caaa04273fdf0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

9b5f3937b286c1532553167f57cd7647

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleHandleA
CreateFileMappingA
GetCurrentProcessId
CreateEventA
SetEvent
CopyFileA
GetCurrentProcess
FreeLibrary
CloseHandle
CreateProcessA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetLastError
GetVersion
GetCommandLineA
GetShortPathNameA
Sleep
SetFileTime
GetFileTime
CreateFileA
WriteFile
ReadFile
UnmapViewOfFile
SetPriorityClass
OpenFileMappingA
WaitForSingleObject
OpenEventA
GetEnvironmentVariableA
FindClose
FindNextFileA
FindFirstFileA
GetVolumeInformationA
DeleteFileA
SetThreadPriority
GetCurrentThread
MapViewOfFile

advapi32

RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
SetServiceStatus
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
QueryServiceConfigA
ControlService
StartServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
ChangeServiceConfigA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
memcpy
_stricmp
strcmp
_strnicmp
time
srand
malloc
free
strchr
_strlwr
_except_handler3
sprintf
strlen
rand
strcpy
strcat
memset

shell32

SHGetSpecialFolderPathA

shlwapi

PathFileExistsA
SHDeleteKeyA
PathFindFileNameA

Sections

WIN0
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9b5f3937b286c1532553167f57cd7647

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

shell32

shlwapi

Sections

WIN0 Size: 24KB - Virtual size: 24KB

.avp Size: 2KB - Virtual size: 4KB

WIN0
Size: 24KB - Virtual size: 24KB

.avp
Size: 2KB - Virtual size: 4KB