06b59d38b320a287d74ca663f26ae490_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

06b59d38b320a287d74ca663f26ae490_NeikiAnalytics
Size

463KB
MD5

06b59d38b320a287d74ca663f26ae490
SHA1

678b6ae443d600f29fe08f7de856008c98bc12dd
SHA256

6b24cb6b9486b7eea16e334d991c73d84fefd94c6411531a961d887c86486631
SHA512

e9ad0a6e2b92da70767ca2b261457ff729587a0cbdd853a1876dbeea33d88bc0bb36d377513ac443c5a1da0a5263430696b927cd5de6df6c55b752a02e06dae7
SSDEEP

12288:B+0pHGNsWxKeIw+3EaYI80Kg+tJ/4uJRkXmGhlxg5d:o0pHGTxKe23dLzKg+tJ/HJEX3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06b59d38b320a287d74ca663f26ae490_NeikiAnalytics

Files

06b59d38b320a287d74ca663f26ae490_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

9f4a99b8b0bcf6415eee5a5399a8d47a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextW
GetFileTitleW
GetFileTitleA

wininet

InternetSecurityProtocolToStringW
InternetCanonicalizeUrlW
InternetWriteFileExW
InternetGetCookieW
FtpCreateDirectoryW
FtpGetCurrentDirectoryA
FreeUrlCacheSpaceA
InternetAutodialHangup
GetUrlCacheEntryInfoW

user32

LoadCursorFromFileA
EnumClipboardFormats
VkKeyScanExA

advapi32

CryptEnumProviderTypesA
CryptEnumProviderTypesW

kernel32

EnterCriticalSection
GetFileSize
GetModuleFileNameW
SetThreadIdealProcessor
SetEnvironmentVariableA
VirtualAlloc
GetFileType
IsDebuggerPresent
WriteFile
LCMapStringA
GetEnvironmentStrings
DosDateTimeToFileTime
VirtualQuery
WaitNamedPipeW
GetProcessHeap
GetStartupInfoA
LCMapStringW
InterlockedExchange
GetDateFormatA
InterlockedDecrement
FillConsoleOutputCharacterW
VirtualFree
SetHandleCount
GetStartupInfoW
CompareStringW
GetOEMCP
SetUnhandledExceptionFilter
TlsSetValue
QueryPerformanceCounter
GetModuleHandleA
GetTimeFormatA
ExitProcess
FreeEnvironmentStringsW
GetCurrentProcessId
TlsFree
GetLogicalDriveStringsW
GetProfileIntA
GetCommandLineW
GetLastError
MultiByteToWideChar
ConvertDefaultLocale
TlsGetValue
ExpandEnvironmentStringsA
GetShortPathNameW
HeapAlloc
GetCurrentThread
GetACP
FreeLibrary
UnhandledExceptionFilter
GetProcAddress
SetConsoleCtrlHandler
DeleteCriticalSection
GetStringTypeW
HeapFree
OpenEventW
GetTickCount
GetStringTypeA
InterlockedCompareExchange
GetEnvironmentStringsW
GetCurrentThreadId
HeapSize
GetSystemTimeAsFileTime
HeapDestroy
InterlockedIncrement
lstrcatA
HeapReAlloc
IsValidLocale
MapViewOfFileEx
GetLocaleInfoA
FreeEnvironmentStringsA
CreateFileA
SetConsoleOutputCP
LeaveCriticalSection
HeapCreate
EnumSystemLocalesA
RtlUnwind
GetTimeZoneInformation
TlsAlloc
TerminateProcess
GetCommandLineA
GetModuleFileNameA
CreateEventA
GetLocaleInfoW
GetCPInfo
GetCurrentProcess
WideCharToMultiByte
CompareStringA
LoadLibraryA
GetVersionExA
GetUserDefaultLCID
IsValidCodePage
Sleep
SetLastError
GetStdHandle
GetSystemDefaultLangID
InitializeCriticalSection
GetStringTypeExW

gdi32

EnumICMProfilesW
GetPolyFillMode
StartPage

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f4a99b8b0bcf6415eee5a5399a8d47a

Headers

File Characteristics

Imports

comdlg32

wininet

user32

advapi32

kernel32

gdi32

Sections

.text Size: 146KB - Virtual size: 146KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 146KB - Virtual size: 146KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 3KB - Virtual size: 3KB