002e4001db2314d310ee30921825a470_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

002e4001db2314d310ee30921825a470_NeikiAnalytics
Size

947KB
MD5

002e4001db2314d310ee30921825a470
SHA1

284fc4d01e871de6058a07ebaf6fec2432ed8e67
SHA256

dbe812a36eee9ff96827c439f1293b184848aca50b6f63b667c7df56bccf1afb
SHA512

a0cebf4f654982606c49c21a963fc9c2827b8ad77902c486edd1adff02b6191d3994788660f8abde84e0344e9f49b97182bcf2334691eb19e945f92d3b38e00f
SSDEEP

12288:JIywg4qpK9d2K/0fQqCe0MVOtzF1V0XRbPvL/Dmjl5ty:Jb0p2K/0fQyOtzX6hbHmjjU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
002e4001db2314d310ee30921825a470_NeikiAnalytics

Files

002e4001db2314d310ee30921825a470_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

10c83dfce8080b25b33e923f41d70891

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetCurrentThreadId
GetProcAddress
QueryPerformanceCounter
CloseHandle
GetCurrentProcessId
IsDebuggerPresent
GetCurrentProcess
GetModuleHandleExW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetACP
IsValidCodePage
FindNextFileW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
CreateFileW
WriteConsoleW
ExitProcess
QueryPerformanceFrequency
FindFirstFileExW
FindClose
GetTimeZoneInformation
ReadConsoleW
ReadFile
EncodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
OutputDebugStringW
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
HeapSize
GetStdHandle
WriteFile
HeapFree
HeapAlloc
HeapReAlloc
GetProcessHeap
GetFileType
GetFileSizeEx
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
VirtualQuery

advapi32

CryptAcquireContextW
SystemFunction036

Sections

Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 435KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 828B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10c83dfce8080b25b33e923f41d70891

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

Size: 383KB - Virtual size: 383KB

Size: 109KB - Virtual size: 109KB

Size: 435KB - Virtual size: 435KB

Size: 828B - Virtual size: 828B

Size: 16KB - Virtual size: 16KB