44906265e90419715f0abc2260c3ab60_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

44906265e90419715f0abc2260c3ab60_NeikiAnalytics.exe
Size

2.3MB
MD5

44906265e90419715f0abc2260c3ab60
SHA1

62ffbd7ad63db94392a5bcfd79b308d6250b5813
SHA256

c5a4099d2764724917393dafc00e2cc42b5ee8e65b6c661da94cfc1392f377e0
SHA512

c03db0cc827cdd40cde3fbf7184fd415a2c4f12ba3d6c082d38131bcefba7accb3f54ccdc8b030999919abee007d92690490e72827e12187e6280439e19bf1ca
SSDEEP

49152:tfA5Js4OcZytd0iloLBUnVjx6At7X5j71wdaSizc8CJo4jv:tmmnEEd0Y/VJt7X5j71caSizXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44906265e90419715f0abc2260c3ab60_NeikiAnalytics.exe

Files

44906265e90419715f0abc2260c3ab60_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

9457b41321a36769d7ff42e16b9ca09f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetTextCharsetInfo
Rectangle
OffsetRgn
DeleteColorSpace
MaskBlt

ole32

CoTreatAsClass

kernel32

LoadLibraryExW
WaitForSingleObject
GetBinaryTypeW
GetACP
GetFileInformationByHandle
DuplicateHandle
GetProcessId
CloseHandle
IsDebuggerPresent
GetCurrentProcess
GetModuleFileNameW
SetStdHandle
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
RtlUnwind

ws2_32

WSAGetLastError

advapi32

MakeSelfRelativeSD
CryptCreateHash
InitializeSecurityDescriptor
QueryUsersOnEncryptedFile
AdjustTokenPrivileges

user32

DestroyCursor
VkKeyScanExA
GetGUIThreadInfo
IsWindowUnicode
DestroyCaret
BeginPaint
GetMessageA

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lq8zSJD
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

h
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 1.7MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

W6-kD
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

c7=qUJW
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9457b41321a36769d7ff42e16b9ca09f

Headers

File Characteristics

Imports

gdi32

ole32

kernel32

ws2_32

advapi32

user32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 2KB

.code Size: 392KB - Virtual size: 391KB

lq8zSJD Size: 4KB - Virtual size: 2KB

h Size: 8KB - Virtual size: 6KB

.crt0 Size: 1.7MB - Virtual size: 1.6MB

W6-kD Size: 16KB - Virtual size: 15KB

c7=qUJW Size: 40KB - Virtual size: 37KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 40KB - Virtual size: 38KB

DATA Size: 80KB - Virtual size: 79KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 2KB

.code
Size: 392KB - Virtual size: 391KB

lq8zSJD
Size: 4KB - Virtual size: 2KB

h
Size: 8KB - Virtual size: 6KB

.crt0
Size: 1.7MB - Virtual size: 1.6MB

W6-kD
Size: 16KB - Virtual size: 15KB

c7=qUJW
Size: 40KB - Virtual size: 37KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 40KB - Virtual size: 38KB

DATA
Size: 80KB - Virtual size: 79KB