efaa341ae57ff588c27396cac0114c80_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

efaa341ae57ff588c27396cac0114c80_NeikiAnalytics.exe
Size

13KB
MD5

efaa341ae57ff588c27396cac0114c80
SHA1

088bbcb76fe10847a605f23371299dd088e4366b
SHA256

e840bbd44969f5c2150365e7c41a5536d6c01678f2d41318f1591b82e4bcf231
SHA512

3deac4bcd25bff7a5fc1517b437e0902003cec1e652e3c7c99636d82b0c458fb3d0aa302377753090735b5e1717239cf6f98eb77d211e2eea8226631c2f57d13
SSDEEP

192:dpBobcI8dmN40B9+9ic5jO5dnQ2yDg3M69rHqYISF7E5LzYXbfnO:buudYBsd5j4x/Az69rHt/F77O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efaa341ae57ff588c27396cac0114c80_NeikiAnalytics.exe

Files

efaa341ae57ff588c27396cac0114c80_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

7189671f30007ac9b611701afae2b059

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\projects\repos\cerbero.git\1.22\build\sources\msvc_x86\json-glib-1.6.2\_builddir\json-glib\json-glib-validate.pdb

Imports

json-glib-1.0-0

json_parser_load_from_stream
json_parser_new

gio-2.0-0

g_input_stream_close
g_file_get_uri
g_file_read
g_file_new_for_commandline_arg

gobject-2.0-0

g_object_unref

glib-2.0-0

g_option_context_add_main_entries
g_option_context_free
g_option_context_set_description
g_option_context_set_summary
g_option_context_parse
g_strdup_printf
g_option_context_new
g_error_free
g_printerr
g_free
g_get_prgname
g_clear_error

intl-8

libintl_gettext
libintl_textdomain
libintl_bindtextdomain
libintl_bind_textdomain_codeset

vcruntime140

__std_type_info_destroy_list
__current_exception
__current_exception_context
_except_handler4_common
memset

api-ms-win-crt-locale-l1-1-0

setlocale
_configthreadlocale

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_controlfp_s
terminate
_seh_filter_dll
_seh_filter_exe
_set_app_type
_crt_at_quick_exit
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_c_exit
__p___argc
__p___argv
_cexit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7189671f30007ac9b611701afae2b059

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

json-glib-1.0-0

gio-2.0-0

gobject-2.0-0

glib-2.0-0

intl-8

vcruntime140

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 964B

.reloc Size: 1024B - Virtual size: 688B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 964B

.reloc
Size: 1024B - Virtual size: 688B