8dd40365e845f07a0b429e634a4090c0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8dd40365e845f07a0b429e634a4090c0_NeikiAnalytics.exe
Size

896KB
MD5

8dd40365e845f07a0b429e634a4090c0
SHA1

9687bf0672114bf599cfb01e76cf88aa9c80a8e1
SHA256

5afb1c3c0f4be11c4901a5654cace6795baf1cee126a154ebdd1d5729a6ee33e
SHA512

0ac6c8b04acf4023b85aebd7018336904c6fbf93d565d60c21a3aee32d56a55b4f693eda3df0643cb2301ef5b08b4a92639a8a1a5831dfc40d6261889051e6de
SSDEEP

12288:dGVNJAvuPFUl/faxGVlBLXKCgFfEK7JRLeHlX//ve7:g3JAvRl/fKwKCgFfx4P/va

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
8dd40365e845f07a0b429e634a4090c0_NeikiAnalytics.exe

Files

8dd40365e845f07a0b429e634a4090c0_NeikiAnalytics.exe
.dll windows:5 windows x64 arch:x64

72906e44c69f979a7a4dfcb492a7b5bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

GetDoubleClickTime
GetForegroundWindow
GetClipboardOwner
DdeSetQualityOfService
ClientToScreen
DefDlgProcW

gdi32

RemoveFontMemResourceEx
GetClipBox
GetTextColor

ole32

StringFromCLSID

kernel32

GetVersion
GetQueuedCompletionStatus
GetErrorMode
GetExitCodeProcess
SetCommTimeouts
GetUserDefaultLangID
SetFileBandwidthReservation
GetNamedPipeClientSessionId
GetTapeStatus

msvcrt

memset

Exports

Exports

CreateXmlReader
CreateXmlReaderInputWithEncodingCodePage
CreateXmlReaderInputWithEncodingName
CreateXmlWriter
CreateXmlWriterOutputWithEncodingCodePage
CreateXmlWriterOutputWithEncodingName

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.hszx
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jjzy
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ktuiav
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qgam
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rkyhh
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kee
Size: 4KB - Virtual size: 431B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jxzqk
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hjvqd
Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rerkz
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nbva
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xhgj
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oxtjo
Size: 4KB - Virtual size: 431B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cqol
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wssrv
Size: 4KB - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gqn
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wjckad
Size: 4KB - Virtual size: 905B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72906e44c69f979a7a4dfcb492a7b5bb

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ole32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 488KB - Virtual size: 486KB

.pdata Size: 4KB - Virtual size: 324B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.hszx Size: 28KB - Virtual size: 27KB

.jjzy Size: 28KB - Virtual size: 27KB

.ktuiav Size: 4KB - Virtual size: 1KB

.qgam Size: 4KB - Virtual size: 1KB

.rkyhh Size: 8KB - Virtual size: 4KB

.kee Size: 4KB - Virtual size: 431B

.jxzqk Size: 4KB - Virtual size: 3KB

.hjvqd Size: 4KB - Virtual size: 571B

.rerkz Size: 4KB - Virtual size: 2KB

.nbva Size: 8KB - Virtual size: 4KB

.xhgj Size: 4KB - Virtual size: 2KB

.oxtjo Size: 4KB - Virtual size: 431B

.cqol Size: 4KB - Virtual size: 2KB

.wssrv Size: 4KB - Virtual size: 954B

.gqn Size: 8KB - Virtual size: 4KB

.wjckad Size: 4KB - Virtual size: 905B

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 488KB - Virtual size: 486KB

.pdata
Size: 4KB - Virtual size: 324B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.hszx
Size: 28KB - Virtual size: 27KB

.jjzy
Size: 28KB - Virtual size: 27KB

.ktuiav
Size: 4KB - Virtual size: 1KB

.qgam
Size: 4KB - Virtual size: 1KB

.rkyhh
Size: 8KB - Virtual size: 4KB

.kee
Size: 4KB - Virtual size: 431B

.jxzqk
Size: 4KB - Virtual size: 3KB

.hjvqd
Size: 4KB - Virtual size: 571B

.rerkz
Size: 4KB - Virtual size: 2KB

.nbva
Size: 8KB - Virtual size: 4KB

.xhgj
Size: 4KB - Virtual size: 2KB

.oxtjo
Size: 4KB - Virtual size: 431B

.cqol
Size: 4KB - Virtual size: 2KB

.wssrv
Size: 4KB - Virtual size: 954B

.gqn
Size: 8KB - Virtual size: 4KB

.wjckad
Size: 4KB - Virtual size: 905B