87e63f78f50ed137175470745d3dbea0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

87e63f78f50ed137175470745d3dbea0_NeikiAnalytics
Size

703KB
MD5

87e63f78f50ed137175470745d3dbea0
SHA1

f053d6d9fb3b6bd3fa3f8fa2169299e85fed0abb
SHA256

7accdd56f007ed7ecba47c8c2ef7290eb088e1f1cf4f4c9319bc093ed89f38d6
SHA512

240cf4ae67f077ed326b5c16f0d680149a77ea518a38b86c3334e2809ca6c6bc455b350ba6ec6c87335feff0b3118f9282fccc1f6fd86ec0ea74a3617ad4b60e
SSDEEP

12288:JOMSdZQFmravfgGchah+H/cXy5YFSRNEaNZ2ONbQo2bzTWSaVVQtGLfHtVclBq+6:JOMSdyAaHsK+fM2jEaNZBqoeW7V6tGL7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87e63f78f50ed137175470745d3dbea0_NeikiAnalytics

Files

87e63f78f50ed137175470745d3dbea0_NeikiAnalytics
.exe windows:10 windows x86 arch:x86

2df29d0736b8a2a1fcce9f4f1b61f32a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

msidb.pdb

Imports

kernel32

WriteFile
FindNextFileA
FindResourceA
lstrlenA
FindClose
GetCurrentDirectoryA
MultiByteToWideChar
GetLastError
GetFileAttributesA
CreateFileA
LockResource
CloseHandle
LoadResource
GetProcAddress
GetModuleHandleW
GetFileType
FlushFileBuffers
GetStdHandle
VirtualQuery
GetSystemInfo
WriteConsoleW
SetStdHandle
LCMapStringW
GetStringTypeW
SetFilePointer
GetConsoleMode
GetConsoleCP
RaiseException
FindFirstFileA
CreateFileW
SizeofResource
VirtualAlloc
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
Sleep
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
HeapAlloc
VirtualProtect
EncodePointer
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCommandLineA
GetStartupInfoW
GetVersionExW
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetLastError
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
LoadLibraryExW
GetModuleFileNameA
HeapCreate
HeapFree
VirtualFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
QueryPerformanceCounter

user32

SendDlgItemMessageA
MessageBoxA
IsDialogMessageA
ShowWindow
DialogBoxParamA
EndDialog
SetDlgItemTextA
LoadStringA
DestroyWindow
GetMessageA
GetDlgItem
PeekMessageA
EnableWindow
PostMessageA
CreateDialogParamA

ole32

CoUninitialize
StgOpenStorage
StgCreateDocfile
CoInitialize

comdlg32

GetOpenFileNameA
GetSaveFileNameA

msi

ord48
ord8
ord160
ord158
ord20
ord21
ord29
ord164
ord77
ord170
ord91
ord31
ord124
ord18
ord117
ord163
ord27
ord120
ord119
ord122
ord159
ord17

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2df29d0736b8a2a1fcce9f4f1b61f32a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

comdlg32

msi

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 3KB - Virtual size: 9KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 3KB - Virtual size: 9KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 568KB - Virtual size: 572KB