05cdb1dc3b4ac1ec8a3270b0033b8fe0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

05cdb1dc3b4ac1ec8a3270b0033b8fe0_NeikiAnalytics
Size

469KB
MD5

05cdb1dc3b4ac1ec8a3270b0033b8fe0
SHA1

6721b6d269ec76c169f966a0ca3b90aaf29efa75
SHA256

7ea1c56400e5c253f6b77ea5cc28d97d8e3af53b0e810c9452c192beadcf2274
SHA512

5c34516dd7739a72e2ca03c88997ed13777c09a1aa1a1d7e4786193796fac475e79d6f00da6faab68645edc2b1b4c11e2d4195fe2e0556281074cac123afaaf2
SSDEEP

6144:LTUUSm8TNeM3S4hVcp7ERae6mqyi2yJv7WtrS8c1B8Ll3+GnJZY6J9acCXWpwosQ:L4UsTNeMUreS94494tYXasQJ2Rr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05cdb1dc3b4ac1ec8a3270b0033b8fe0_NeikiAnalytics

Files

05cdb1dc3b4ac1ec8a3270b0033b8fe0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

3081fd9a315cbcf95563a1e8b2cb8b48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
IsDebuggerPresent
IsValidLocale
TlsFree
GetProcAddress
LCMapStringA
HeapReAlloc
TlsSetValue
EnumSystemLocalesA
GetTimeFormatA
GetCurrentProcessId
VirtualFree
lstrcatA
GetEnvironmentStringsW
WideCharToMultiByte
GetModuleHandleA
LCMapStringW
GetPrivateProfileIntA
WriteFile
SetHandleCount
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
HeapSize
MultiByteToWideChar
GetConsoleMode
GetStdHandle
PulseEvent
MapViewOfFileEx
ExitProcess
GetTickCount
CreateFileMappingW
UnhandledExceptionFilter
HeapFree
GetCommandLineA
GetModuleFileNameA
HeapCreate
LoadLibraryA
QueryPerformanceCounter
GetCPInfo
VirtualAlloc
GetStartupInfoA
FreeEnvironmentStringsA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCurrentThread
GetFileType
GetModuleHandleW
SetUnhandledExceptionFilter
GetFileAttributesA
IsValidCodePage
FreeLibrary
GetSystemTimeAsFileTime
GetDateFormatA
CompareStringW
WriteProfileStringW
GetEnvironmentStrings
GetLastError
CompareStringA
TlsAlloc
SetConsoleCtrlHandler
HeapDestroy
GetStringTypeA
GetLocaleInfoW
Sleep
GetFullPathNameA
InterlockedIncrement
TlsGetValue
GetOEMCP
RtlZeroMemory
InterlockedExchange
GetTimeZoneInformation
GetStringTypeW
GetACP
SetEnvironmentVariableA
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
HeapAlloc
SetLastError
GetSystemInfo

user32

PtInRect
SetCursor
GetNextDlgGroupItem
ToAscii
GetWindowLongW
OpenClipboard
ClientToScreen
TranslateAcceleratorW
LockWindowUpdate
DrawTextExA
SetWindowPlacement
GetParent
CallMsgFilter
ChangeDisplaySettingsExW
FlashWindowEx
SetSystemCursor
EndMenu
LoadCursorA
GetListBoxInfo
TileChildWindows
WINNLSEnableIME

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3081fd9a315cbcf95563a1e8b2cb8b48

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 146KB - Virtual size: 146KB

.data Size: 312KB - Virtual size: 311KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 146KB - Virtual size: 146KB

.data
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 10KB - Virtual size: 9KB