a0598febd7418900070641b141360370_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

a0598febd7418900070641b141360370_NeikiAnalytics
Size

468KB
MD5

a0598febd7418900070641b141360370
SHA1

55362c916dc8c127def5ff4ed3e2028368cec150
SHA256

58886927c83d33f2105fbf400e68ae9ac0792e8085afc267b31915a9801a40ab
SHA512

1bf9478e2d391069661698546428e628a660b7fb2a2d1c3d83a4a9db6a7cec80cfb8f74a13d4734e307608b59aa24e366b2855cc04a2b613f337b7a2c941bb47
SSDEEP

12288:wSnkDoW++Wq5mtU4u4A6+0U9eXa77U/StOdmCKfaGPLKcvfhp2O9YoHsfzPmsBwe:wXwPaBsERZd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0598febd7418900070641b141360370_NeikiAnalytics

Files

a0598febd7418900070641b141360370_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

ade380d0b9a9aa31d04a80ece033dbe6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

select
inet_ntoa
getsockname
accept
WSAGetLastError
socket
ntohs
__WSAFDIsSet
inet_addr
WSAAsyncSelect
connect
ioctlsocket
gethostbyname
closesocket
listen
setsockopt
WSAStartup
WSACleanup
htons
send
recv
bind

gdi32

CreateFontA
GetStockObject

kernel32

GetCurrentDirectoryA
GetCurrentThreadId
TlsAlloc
DeleteFileA
LCMapStringA
GetFileAttributesA
GetCurrentProcessId
CreateDirectoryA
SetFilePointer
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
FreeLibrary
GetSystemInfo
GetVolumeInformationA
GetModuleFileNameA
GetLastError
LoadLibraryA
GetProcAddress
ReleaseSemaphore
SetConsoleCtrlHandler
GetVersionExA
SetProcessShutdownParameters
GetProcessShutdownParameters
LocalUnlock
LocalFree
LocalLock
LocalAlloc
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateSemaphoreA
OpenEventA
Sleep
WaitForMultipleObjects
CreateFileA
DeviceIoControl
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
InterlockedDecrement
InterlockedIncrement
MoveFileA
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
FindNextFileA
FlushFileBuffers
ExitProcess
TerminateProcess
GetCurrentProcess
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetFullPathNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
SetStdHandle
UnhandledExceptionFilter
LCMapStringW
SetLastError
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
ReadFile
HeapSize
GetCPInfo
GetACP

user32

PostMessageA
EndPaint
BeginPaint
SetWindowTextA
PostQuitMessage
DefWindowProcA
DestroyWindow
CallWindowProcA
GetClientRect
MoveWindow
MessageBoxA
DispatchMessageA
GetMessageA
UpdateWindow
TranslateMessage
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
SetWindowLongA
GetWindowLongA
UnregisterClassA
GetClassInfoA
SendMessageA
GetWindowTextLengthA
ShowWindow

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetCurrentHwProfileA

libeay32

ord486
ord493
ord227
ord117
ord3106
ord2
ord501
ord469
ord485
ord151
ord119
ord3024
ord3171
ord484
ord223
ord490

zlib1

deflate
deflateInit_
inflateInit_
inflate
inflateEnd
deflateEnd
zlibVersion

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ade380d0b9a9aa31d04a80ece033dbe6

Headers

File Characteristics

Imports

wsock32

gdi32

kernel32

user32

advapi32

libeay32

zlib1

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 88KB - Virtual size: 430KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 88KB - Virtual size: 430KB

.rsrc
Size: 4KB - Virtual size: 1KB