00d0e3284c34cfaf00628b780986c000_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

00d0e3284c34cfaf00628b780986c000_NeikiAnalytics
Size

292KB
MD5

00d0e3284c34cfaf00628b780986c000
SHA1

11b3f404501a1dfcaab7252f35c3752cb7e675e0
SHA256

d7f9a404720e32f0dd5de777425d7979b1795ea1318c5c352035d573fc0032a1
SHA512

197211a6316573b820fb1f25591a46e5c224637349a2babe9f5cf7353e89975db38d714d6547d7da40380e8cb63ff8ca71a5a94fbcd22aa19045cda8d31ff790
SSDEEP

6144:pFcEIf57V8Q94nS9AE+D5BpXxelbaVWT0OIN6HqewPEYY/09jBzN6lHjPoUwC:pFcEm57Vh+nS9AFDdXUlbacT0Oo6Hqep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00d0e3284c34cfaf00628b780986c000_NeikiAnalytics

Files

00d0e3284c34cfaf00628b780986c000_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

56bba9e376b49c3daf5abf990fc81b89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
InterlockedDecrement
GetCurrencyFormatW
CompareStringW
GetUserDefaultLCID
FreeEnvironmentStringsW
HeapAlloc
LoadLibraryA
WriteFile
Sleep
DeleteCriticalSection
GetThreadPriority
FreeEnvironmentStringsA
GetFileType
VirtualFree
WideCharToMultiByte
GetEnvironmentStrings
HeapDestroy
HeapSize
EnterCriticalSection
TlsSetValue
GetOEMCP
InitializeCriticalSection
GetProcessHeap
GetPrivateProfileSectionNamesA
IsValidCodePage
GetTimeFormatA
HeapCreate
GetProcAddress
GetACP
GetVersionExA
HeapFree
CompareStringA
GetLocaleInfoW
GetThreadTimes
IsValidLocale
VirtualQuery
SetUnhandledExceptionFilter
LCMapStringA
TlsFree
GetEnvironmentStringsW
LCMapStringW
GetCPInfo
GetTimeZoneInformation
HeapReAlloc
SetLastError
ExitProcess
FreeLibrary
EnumSystemLocalesA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetConsoleCtrlHandler
GetModuleHandleA
GetStringTypeA
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
TlsGetValue
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetCurrentProcessId
GetModuleFileNameA
SetEnvironmentVariableA
GetLastError
WriteProfileSectionW
GetTickCount
IsDebuggerPresent
GetCurrentThread
GetStdHandle
UnhandledExceptionFilter
TlsAlloc
RtlUnwind
GetStartupInfoA
GetSystemTimeAsFileTime
InterlockedExchange
SetHandleCount
GetCommandLineA

gdi32

PolyTextOutA
DeleteMetaFile
GetMetaRgn
ExtEscape
EnumFontFamiliesExA
CreateDCA
StretchBlt
EnumEnhMetaFile
SetBrushOrgEx
UpdateICMRegKeyW
GetEnhMetaFileDescriptionW
GetCharWidth32A
GetStretchBltMode
CreateDiscardableBitmap
SetViewportExtEx
PolyPolygon
GetTextFaceW
StartDocW
Escape
GetDeviceCaps
GetDIBits

comdlg32

GetOpenFileNameA
PrintDlgA
ChooseFontA
GetFileTitleW
GetOpenFileNameW
LoadAlterBitmap
FindTextW
ReplaceTextW
PageSetupDlgW
FindTextA
GetSaveFileNameA
PrintDlgW
ChooseColorW
ChooseFontW
GetSaveFileNameW
ReplaceTextA
ChooseColorA
PageSetupDlgA

advapi32

LookupPrivilegeNameA

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56bba9e376b49c3daf5abf990fc81b89

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

advapi32

Sections

.text Size: 144KB - Virtual size: 144KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 144KB - Virtual size: 144KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 6KB - Virtual size: 5KB