503a1bd9865b46672d167478d93f0230_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

503a1bd9865b46672d167478d93f0230_NeikiAnalytics.exe
Size

1.3MB
MD5

503a1bd9865b46672d167478d93f0230
SHA1

478e7228fb7d97365497e486276ce0b93266afd8
SHA256

fba71aed95791d991c6424e29c97862696f5bc31af1e22bd2b57db0429e65665
SHA512

db6822a6539c6c414059a3f80db07a385159cf00982723a20ced5a5911e5dca93f1bd8bd9b429c2f8e400a58769023ce6a1d33f506dfb6e5e77047306fd2e479
SSDEEP

12288:AJxCH+sdwS/GaC+9YU7mEP8ROp5aQLoeZ/cZnMAroI4MpFvHEYQ2MP6Oo1y:UxYYUmEP8ROGkZk9MUoIr5HlMP6OQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
503a1bd9865b46672d167478d93f0230_NeikiAnalytics.exe

Files

503a1bd9865b46672d167478d93f0230_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

df9f9eb235b3f4b52c1531620a14e248

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSizeEx
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

api-ms-win-crt-convert-l1-1-0

_atoi64
atof
atoi
strtoul

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
getenv

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
_lseeki64
fputc
fwrite
puts
_write
_read
_open
_close

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
___mb_cur_max_func
localeconv
__initialize_lconv_for_unsigned_char

api-ms-win-crt-string-l1-1-0

memset
strcmp
strlen
strncmp
strtok
wcslen
_strdup

api-ms-win-crt-private-l1-1-0

memcmp
memcpy
strchr

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_time32
_tzset

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-runtime-l1-1-0

_set_app_type
__p___argc
__p___argv
__p___wargv
__p__acmdln
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_errno
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_invalid_parameter_handler
abort
exit
signal
strerror

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 81B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1.2MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df9f9eb235b3f4b52c1531620a14e248

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 78KB - Virtual size: 78KB

.buildid Size: 512B - Virtual size: 81B

.data Size: 512B - Virtual size: 8KB

.tls Size: 512B - Virtual size: 8B

.reloc Size: 1.2MB - Virtual size: 1.8MB

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 78KB - Virtual size: 78KB

.buildid
Size: 512B - Virtual size: 81B

.data
Size: 512B - Virtual size: 8KB

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 1.2MB - Virtual size: 1.8MB