6c4e1487a43dbc99a5c90f2bc4509840_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

6c4e1487a43dbc99a5c90f2bc4509840_NeikiAnalytics
Size

956KB
MD5

6c4e1487a43dbc99a5c90f2bc4509840
SHA1

941f9ece077b5827699eb73a2e4f001a1e6ce4fd
SHA256

5b18a428b1c6aa81a5505f28552066f05b4ed31652d7edd2e74264c720a17cfa
SHA512

6b817bc4296c2a463c0702d7263b47cea26cf5c69bc29e295376f7382615a21aed242ac20529a4c914f14f40818cdeb96a972e27bf5584af05fc9c0f99997ccb
SSDEEP

24576:MdsHIqGHpnX7JbarCJDOyuGwJZd/r4rn+YDat:OnX7Jbho2Dk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c4e1487a43dbc99a5c90f2bc4509840_NeikiAnalytics

Files

6c4e1487a43dbc99a5c90f2bc4509840_NeikiAnalytics
.exe windows:5 windows x64 arch:x64

6b1ad8626ea0a484ae20ec839b15789d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

user32

GetWindowThreadProcessId
ShowWindow
EnumWindows
FindWindowA

shell32

ShellExecuteA

kernel32

SetEndOfFile
CreateProcessW
CreateFileA
HeapSize
HeapReAlloc
CompareStringW
GetDriveTypeW
SetConsoleCtrlHandler
GetLocalTime
Beep
LocalFree
FormatMessageA
GetLastError
WriteConsoleW
GetConsoleScreenBufferInfo
GetStdHandle
FileTimeToLocalFileTime
FindClose
FindNextFileW
CreateProcessA
GetModuleFileNameA
CloseHandle
GetExitCodeProcess
OpenProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersion
HeapFree
GetConsoleMode
SetConsoleMode
ReadConsoleA
WriteConsoleInputA
ReadConsoleInputA
ReadConsoleInputW
PeekConsoleInputA
PeekConsoleInputW
GetNumberOfConsoleInputEvents
MultiByteToWideChar
WideCharToMultiByte
GetCPInfoExA
EnumSystemCodePagesA
GetConsoleCP
GetLocaleInfoA
SetConsoleWindowInfo
ScrollConsoleScreenBufferA
SetConsoleScreenBufferSize
GetLargestConsoleWindowSize
ReadConsoleOutputA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
ReadConsoleOutputCharacterA
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
WriteConsoleOutputA
SetLastError
FindFirstFileW
GetShortPathNameW
SetFileAttributesW
MoveFileW
MoveFileExW
CreateFileW
GetFileAttributesExW
GetDiskFreeSpaceW
FileTimeToDosDateTime
DeviceIoControl
GetFileAttributesA
GetFileAttributesW
SetFileTime
GetVolumePathNamesForVolumeNameA
GetVolumeInformationA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
TerminateProcess
GetExitCodeThread
WaitForSingleObject
CreateRemoteThread
GetModuleHandleA
ResetEvent
SetEvent
WaitForMultipleObjects
CreateEventA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
GetProcessHeap
GetVersionExA
GetProcessId
CreateConsoleScreenBuffer
SetConsoleCursorPosition
GetConsoleCursorInfo
SetConsoleCursorInfo
WriteConsoleA
Sleep
SetConsoleTitleA
GetTickCount
GetCurrentProcessId
GetConsoleTitleA
GetWindowsDirectoryA
GetSystemDirectoryA
WriteConsoleOutputW
WriteConsoleOutputCharacterW
FillConsoleOutputCharacterW
SetNamedPipeHandleState
FlushFileBuffers
WriteFile
ReadFile
GetDriveTypeA
GetCommandLineA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
DecodePointer
GetCurrentDirectoryW
SetCurrentDirectoryW
DuplicateHandle
GetCurrentProcess
CreatePipe
HeapSetInformation
HeapCreate
GetStringTypeW
DeleteFileW
DeleteFileA
RemoveDirectoryW
RemoveDirectoryA
CreateDirectoryW
CreateDirectoryA
SetEnvironmentVariableW
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameW
GetFullPathNameA
ExitThread
ResumeThread
CreateThread
EncodePointer
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LoadLibraryW
GetLocaleInfoW
SetFilePointer
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale

Sections

.text
Size: 722KB - Virtual size: 721KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b1ad8626ea0a484ae20ec839b15789d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

shell32

kernel32

Sections

.text Size: 722KB - Virtual size: 721KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 170KB - Virtual size: 485KB

.pdata Size: 19KB - Virtual size: 19KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 722KB - Virtual size: 721KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 170KB - Virtual size: 485KB

.pdata
Size: 19KB - Virtual size: 19KB

.reloc
Size: 4KB - Virtual size: 3KB