efcc323c37543b916cf36cb799a52b40_NeikiAnalytics[.]exe

General

Target

efcc323c37543b916cf36cb799a52b40_NeikiAnalytics.exe
Size

79KB
MD5

efcc323c37543b916cf36cb799a52b40
SHA1

eb88f559fcf1675dc3854ecbc017f6447e598589
SHA256

d7c31ccbf4a1af31e54e65bd3c36d53d7bf46013d82c0dca481d94879004a1eb
SHA512

d9568161c13112a71a4c50a703b7d405a35bbaaee481f12f135b07aaebb0cdacc72902a678a446b63c67a37d5008b5d67828d2a650364941ffa8c577c92bebbd
SSDEEP

768:oxXciYHt515mqrqQR6FeBN9AWhR3g15Q3tKdsBHD16QozqLYx/xesoSgE0Ay:ocd52g6swsRh6QDUv3gF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efcc323c37543b916cf36cb799a52b40_NeikiAnalytics.exe

Files

efcc323c37543b916cf36cb799a52b40_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

9f5bb00d49baf0ee78c5252058e3e5e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

LCMapStringW
HeapDestroy
DeleteFileA
MoveFileA
CopyFileA
CreateFileA
CloseHandle
SetFilePointer
ReadFile
WriteFile
GetLastError
GetFullPathNameA
HeapAlloc
HeapFree
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
GetCurrentDirectoryA
GetDriveTypeA
ExitProcess
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
LCMapStringA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FileTimeToLocalFileTime
FindFirstFileA
GetEnvironmentStringsW
LoadLibraryA
FindClose
FileTimeToSystemTime
SetEnvironmentVariableA
SetCurrentDirectoryA
GetTimeZoneInformation
CompareStringA
CompareStringW
HeapReAlloc

Exports

Exports

_merge_ini
_merge_io_check
_merge_io_chk_free
_merge_io_def_free
_merge_io_get_definition
_merge_io_ini
_merge_io_record
_merge_io_trm
_merge_io_value
_merge_trm

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f5bb00d49baf0ee78c5252058e3e5e2

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 15KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 15KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB