08e8ea4bc19e23f0f93ccf84619b5f70_NeikiAnalytics

General

Target

08e8ea4bc19e23f0f93ccf84619b5f70_NeikiAnalytics
Size

286KB
MD5

08e8ea4bc19e23f0f93ccf84619b5f70
SHA1

e1ba59a25eb382b760136eadf9b1a797e33662ce
SHA256

a7e186423a9e98674669a2fd57a23be876b1cad0e820cbfbe0b28f248fd6bfb8
SHA512

03c2bf4fbab3c06fb0fc14e73b9208792078b4aa36658bb56c6ad4ee607c849b22e8661ab0656dafc4ccb33643aca40b9ec226dd9a1cb6c0c167fdcc45502601
SSDEEP

6144:BGw/JVknzAuK83xM+B6n8iQdlvV3YDjIN:BGwknfKGx/681dld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08e8ea4bc19e23f0f93ccf84619b5f70_NeikiAnalytics

Files

08e8ea4bc19e23f0f93ccf84619b5f70_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

df6df40747497ecfdf0af4579866af41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetVersionExA
HeapSize
TlsAlloc
GetProcAddress
InitializeCriticalSection
HeapReAlloc
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
GetCurrentProcessId
VirtualFree
AllocConsole
GetDateFormatA
VirtualProtect
GetModuleHandleA
IsBadWritePtr
RtlFillMemory
WideCharToMultiByte
LeaveCriticalSection
GetFileType
GetTimeFormatA
EnumSystemLocalesA
GetSystemInfo
IsValidLocale
GetCalendarInfoA
GetModuleFileNameW
MoveFileA
SetConsoleWindowInfo
ExitProcess
GetTickCount
GetSystemTimeAdjustment
UnhandledExceptionFilter
HeapFree
GetCPInfo
GetModuleFileNameA
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
GetACP
VirtualAlloc
CreateNamedPipeW
EnterCriticalSection
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCommandLineA
GetEnvironmentStrings
GetLocaleInfoA
SetEnvironmentVariableA
WriteFile
HeapCreate
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCommandLineW
FindFirstFileA
ReadConsoleA
GetCurrentThread
GetEnvironmentStringsW
TlsSetValue
SetLastError
LCMapStringA
GetStringTypeW
HeapDestroy
GetLastError
SetHandleCount
FlushInstructionCache
GetUserDefaultLCID
TlsFree
GetLocaleInfoW
GetCompressedFileSizeW
InterlockedExchange
GetStartupInfoW
GetOEMCP
FreeEnvironmentStringsW
LCMapStringW
CompareStringW
CompareStringA
IsValidCodePage
GetTimeZoneInformation
HeapAlloc
MultiByteToWideChar
GetProfileStringW
OpenEventA

comdlg32

PrintDlgA
ChooseColorA
GetOpenFileNameW
GetSaveFileNameA
ReplaceTextA
GetFileTitleA
FindTextA
PageSetupDlgA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df6df40747497ecfdf0af4579866af41

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 137KB - Virtual size: 136KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 137KB - Virtual size: 136KB

.rsrc
Size: 14KB - Virtual size: 13KB