08ecc6e0f4b31b4564d2f2168777bfd0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

08ecc6e0f4b31b4564d2f2168777bfd0_NeikiAnalytics
Size

400KB
MD5

08ecc6e0f4b31b4564d2f2168777bfd0
SHA1

25a36bd3b77a3725c2c6851b8d95b9bdbcba84dd
SHA256

16f1e2bcf5b79cfe69f54c4101bd06a85fdd5a07aaed4d699d10a48ccf991d97
SHA512

685b119fd95b6a51270fb3824254569eb268a3099629d8e5281bcb553553ab77b3688e1f7b91c948eb266fdd054c00c7ef04be00b839b88e3d453c4595803ff0
SSDEEP

12288:jGo+Y4tAwhMYgA1/98tSyA1LLbs/FA9R4pNGMPfY:qJBzLbs/FA0XGwfY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08ecc6e0f4b31b4564d2f2168777bfd0_NeikiAnalytics

Files

08ecc6e0f4b31b4564d2f2168777bfd0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

7d3d65c5aed64e1aeabb4d3e72f67a53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
lstrcmpi
WriteConsoleOutputW
GetConsoleOutputCP
TlsSetValue
InterlockedIncrement
lstrcpy
GlobalDeleteAtom
RemoveDirectoryA
FindFirstChangeNotificationW
EnumResourceLanguagesA
SetConsoleTitleW
EnumSystemCodePagesW
GetProcessAffinityMask
GetDiskFreeSpaceA
CreateEventW
SetThreadPriority
GetNamedPipeHandleStateW
FindResourceW
GetAtomNameA
CreateRemoteThread
ResumeThread
DisableThreadLibraryCalls
SetLocaleInfoA
GlobalFix
SetFilePointer
WaitNamedPipeW
SetThreadIdealProcessor
GetSystemPowerStatus
GetConsoleTitleW
EnumDateFormatsW
CopyFileA
GetTimeFormatW
GetSystemTime
GetEnvironmentVariableW
DeleteAtom
GetModuleFileNameW
CreateFileA
GetCompressedFileSizeA
EnumCalendarInfoExW
GetLastError
ReadProcessMemory
UpdateResourceW
FindResourceExW
lstrcpyn
GetLogicalDriveStringsW
GetLongPathNameW
CreateEventA
SetConsoleScreenBufferSize
CreateMailslotW
DisconnectNamedPipe
GetPrivateProfileSectionNamesA
UnmapViewOfFile
GlobalGetAtomNameA
FindAtomA
FindCloseChangeNotification
WaitNamedPipeA
CommConfigDialogW
GetProfileIntA
DeleteFileA
WritePrivateProfileSectionA
FoldStringA
GlobalUnlock
CreateMutexA
OpenFile
ExpandEnvironmentStringsW
WriteProfileSectionW
GetShortPathNameA
WriteConsoleA
EnumSystemCodePagesA
CreateProcessW
GetVersionExA
EnumSystemLocalesW
lstrcmpA
GetConsoleScreenBufferInfo
EnumSystemLocalesA
MoveFileExW
GetShortPathNameW
FindNextFileA
FreeConsole
GetThreadPriority
GetCalendarInfoW
GetPrivateProfileSectionA
GetStringTypeA
SetConsoleWindowInfo
lstrlenW
RtlFillMemory
GetDriveTypeW
SetEnvironmentVariableW
InitializeCriticalSection
VirtualFreeEx
GlobalAddAtomW
IsValidLocale
FlushConsoleInputBuffer
WriteConsoleOutputA
FileTimeToLocalFileTime
GetLongPathNameA
GetProfileStringW
LoadLibraryW
CreateMutexW
GlobalGetAtomNameW
CreatePipe
GetStringTypeW
PeekNamedPipe
ReadConsoleInputA
FreeEnvironmentStringsA
Sleep
TransmitCommChar
OpenProcess
WriteConsoleInputW
EnumTimeFormatsW
WriteProfileStringA
GetProcessHeaps
SetConsoleCtrlHandler
LocalFileTimeToFileTime
AddAtomW
SetComputerNameW
SystemTimeToTzSpecificLocalTime
WriteProfileStringW
SignalObjectAndWait
EnumResourceLanguagesW
OpenFileMappingA
EnumCalendarInfoW
CompareStringA
SetPriorityClass
GlobalUnWire
GetPrivateProfileStructW
SetConsoleCP
EnumTimeFormatsA
ReadConsoleInputW
SetLocalTime
CreateSemaphoreA
SetThreadExecutionState
OpenFileMappingW
HeapCreate
GetEnvironmentStringsA
GetNamedPipeHandleStateA
lstrcpynW
CreateMailslotA
SetLocaleInfoW
lstrcmpiA
TlsGetValue
SetComputerNameA
GetConsoleCP
GetMailslotInfo
SetEndOfFile
GlobalHandle
LocalFree
GetStringTypeExW
lstrcmp
FreeEnvironmentStringsW
GetDriveTypeA
DefineDosDeviceW
GetProcAddress
GetConsoleMode
GetDateFormatW
GetLogicalDrives
SetCurrentDirectoryA
WinExec
GetVolumeInformationA
DeleteCriticalSection

advapi32

CryptSetProviderExA
AbortSystemShutdownA
RegSetKeySecurity
LogonUserA
CryptSignHashW
CryptSetKeyParam
CryptSetProvParam
DuplicateTokenEx
CryptSetProviderExW
CryptVerifySignatureA
RegCreateKeyW
CryptHashData
LookupAccountNameW
RegDeleteValueA
RegOpenKeyExA
ReportEventW
RegDeleteValueW
RegRestoreKeyW
RegEnumKeyW
RegCreateKeyA
ReportEventA
CryptHashSessionKey
RegEnumKeyExA
RegLoadKeyA
InitiateSystemShutdownW
CryptDuplicateKey
RegLoadKeyW
RegCreateKeyExW
StartServiceA
StartServiceW
CryptExportKey
GetUserNameW
CryptEnumProviderTypesA
RegEnumKeyExW
CryptSetProviderA
CryptGetDefaultProviderA
CryptGetProvParam
RegDeleteKeyW
CryptVerifySignatureW
CreateServiceW
CryptGetKeyParam
RegSetValueW
GetUserNameA
RegOpenKeyExW
RegSetValueExA
DuplicateToken
RegOpenKeyA
RegEnumValueA
InitiateSystemShutdownA
LookupPrivilegeDisplayNameA
RegEnumValueW
RegNotifyChangeKeyValue
RegSaveKeyA
RegDeleteKeyA
RegQueryValueExW
InitializeSecurityDescriptor
RevertToSelf
CryptContextAddRef
RegSaveKeyW
RegQueryMultipleValuesA
CryptDestroyKey
CryptSignHashA
RegQueryInfoKeyA
RegCloseKey
CryptImportKey
LookupSecurityDescriptorPartsA
RegQueryValueExA
CryptSetHashParam
CryptGenRandom
CryptEnumProvidersA
CryptGetDefaultProviderW
CryptEncrypt
RegQueryValueW
LookupPrivilegeDisplayNameW
CryptDeriveKey
RegSetValueA
CryptDecrypt
LookupPrivilegeValueW
LookupSecurityDescriptorPartsW
RegFlushKey
RegReplaceKeyA
LookupPrivilegeNameA
RegConnectRegistryA
RegSetValueExW
LookupPrivilegeValueA
CryptGetHashParam
RegOpenKeyW
LookupPrivilegeNameW
CryptGenKey
LookupAccountSidW
CryptDestroyHash
AbortSystemShutdownW

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d3d65c5aed64e1aeabb4d3e72f67a53

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 98KB - Virtual size: 98KB

.data Size: 281KB - Virtual size: 280KB

.reloc Size: 14KB - Virtual size: 13KB

.bss Size: 5KB - Virtual size: 5KB

.text
Size: 98KB - Virtual size: 98KB

.data
Size: 281KB - Virtual size: 280KB

.reloc
Size: 14KB - Virtual size: 13KB

.bss
Size: 5KB - Virtual size: 5KB