5356360fca5919a61c74607d815ce470_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

5356360fca5919a61c74607d815ce470_NeikiAnalytics
Size

626KB
MD5

5356360fca5919a61c74607d815ce470
SHA1

eb5c5b621c2c7900e997dd24c1d3b3da0fe2bec6
SHA256

38152c457aa4f214d190c5165cf0f7e8020d99f19ed14e73b15f9dc8aeae3892
SHA512

2f91d8ca53b70a8ccf3d1cf37f1b01d9c17668659c7cbf60865b513a5363c76abe08e66c63750d5b40332906830c2b2b4c4691fc417565be23c832789d8ae072
SSDEEP

12288:vQFS1l9x2TduSZpUdxB30GHrVxGnXQSaWt+DNISOgv3isiyWcQ:GS1TATduSZpUR0GHrVQ1aW4mSOgv3isi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5356360fca5919a61c74607d815ce470_NeikiAnalytics

Files

5356360fca5919a61c74607d815ce470_NeikiAnalytics
.exe windows:10 windows x86 arch:x86

1e4973d83298d4f758b718cdb9a58676

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

msifiler.pdb

Imports

kernel32

GetModuleFileNameA
SetErrorMode
GetLastError
GetFileAttributesA
CreateFileA
LoadLibraryA
GlobalAlloc
GlobalFree
CloseHandle
GetProcAddress
GetFileSize
GetModuleHandleW
FreeLibrary
CreateFileW
VirtualQuery
GetSystemInfo
FlushFileBuffers
WriteConsoleW
SetStdHandle
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
GetConsoleMode
GetConsoleCP
RtlUnwind
VirtualAlloc
HeapReAlloc
VirtualProtect
Sleep
GetCPInfo
GetCommandLineA
GetVersionExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetLastError
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
LoadLibraryExW
GetStdHandle
WriteFile
HeapCreate
HeapFree
VirtualFree
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
IsValidCodePage
GetACP
GetOEMCP

msi

ord20
ord158
ord141
ord148
ord159
ord194
ord119
ord75
ord163
ord117
ord124
ord31
ord77
ord93
ord164
ord160
ord91
ord121
ord8
ord17
ord33
ord116

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e4973d83298d4f758b718cdb9a58676

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msi

version

ole32

Sections

.text Size: 49KB - Virtual size: 49KB

.data Size: 3KB - Virtual size: 9KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 49KB - Virtual size: 49KB

.data
Size: 3KB - Virtual size: 9KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 568KB - Virtual size: 572KB