Static task: static1
Behavioral task: behavioral1
Sample: 04a7ce70322d5084b9195e637f77d530_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 04a7ce70322d5084b9195e637f77d530_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 04a7ce70322d5084b9195e637f77d530_NeikiAnalytics
Size: 442KB
MD5: 04a7ce70322d5084b9195e637f77d530
SHA1: b0ae5d111a44b9f93a6a33c33cdd924eb8afd697
SHA256: b271dd5b585ff871c235b1171de45636890cf8aeb504bba213cb6d39d8a540cd
SHA512: d30fe505e3cecaa588173c0524f5c8bb17a85ddf5d09f77861b5f6c8f883b3aaf5be5c263d2f7d21445f9164ece7a5be78d255adbfb03ececd1e13ac14177c62
SSDEEP: 12288:S5B/u2I2VucGElL4Z6aWee53MqHXAytp/XvqbCobObNCgq:q827YSMUaX+X5/qbCXR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 04a7ce70322d5084b9195e637f77d530_NeikiAnalytics
Files
04a7ce70322d5084b9195e637f77d530_NeikiAnalytics.exe windows:4 windows x86 arch:x86
505c7f37e87e4589bc4e7bac90527b4b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
GetTimeZoneInformation
lstrcat
GetFileAttributesExW
GetStartupInfoW
CompareStringW
HeapAlloc
LoadLibraryA
VirtualProtect
SetHandleCount
ResetEvent
WriteConsoleOutputCharacterA
CompareStringA
GetCommandLineW
UnhandledExceptionFilter
VirtualFree
GetCPInfo
GetStringTypeW
GetSystemInfo
GetLogicalDriveStringsA
TlsGetValue
GetEnvironmentStringsW
GetTimeFormatA
GetFileType
GetTempFileNameA
HeapCreate
WriteFile
GetStringTypeA
GetProcAddress
EnterCriticalSection
GetStdHandle
HeapFree
ContinueDebugEvent
GetEnvironmentStrings
LCMapStringA
HeapDestroy
VirtualQuery
SetEnvironmentVariableA
HeapSize
TlsAlloc
GetCommandLineA
InitializeCriticalSection
WideCharToMultiByte
GetStartupInfoA
HeapReAlloc
MultiByteToWideChar
ExitProcess
DeleteCriticalSection
FindFirstFileExA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidLocale
GetModuleHandleA
GetLocaleInfoW
IsBadWritePtr
IsValidCodePage
GetCurrentThreadId
TlsFree
GetUserDefaultLCID
GetDateFormatA
GetModuleFileNameW
GetCurrentProcessId
GetModuleFileNameA
LCMapStringW
GetCurrentThread
FindNextChangeNotification
GetTickCount
GetVersionExA
FreeEnvironmentStringsW
GetLocaleInfoA
TlsSetValue
SetLastError
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
InterlockedExchange
LeaveCriticalSection
FreeEnvironmentStringsA
EnumSystemLocalesA
GetOEMCP
wininet
FtpRenameFileW
InternetTimeToSystemTime
InternetGetCertByURLA
UpdateUrlCacheContentPath
GetUrlCacheGroupAttributeA
advapi32
CryptSignHashW
CryptDecrypt
CryptSignHashA
AbortSystemShutdownA
CryptGetDefaultProviderA
CryptEncrypt
CryptAcquireContextW
CryptGetHashParam
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
CryptEnumProviderTypesW
CryptDuplicateHash
RegConnectRegistryA
user32
CreateWindowExA
Sections
.text Size: 126KB - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 308KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ