2d527d5722dc59bfa46d3da201a3c540_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2d527d5722dc59bfa46d3da201a3c540_NeikiAnalytics.exe
Size

807KB
MD5

2d527d5722dc59bfa46d3da201a3c540
SHA1

79bcffad38a165016440206a55cd29a7da2c37ae
SHA256

bfeb95fd1e0d562db155d36f5fc07f118b4b72be6a8bf2b112c8c7e607422adf
SHA512

d35ba790c51adbf1bf87bd36f257252097b13e30d15f996e076854597afc64b9a338beb6cd96d54689c2186ac6608862b552eeb60f2abf2407dacf32b3677e6c
SSDEEP

12288:14Wdv82mVY9LgEyTdKBlF3wdimw9V3WZd:uWp82eKBlFJIZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d527d5722dc59bfa46d3da201a3c540_NeikiAnalytics.exe

Files

2d527d5722dc59bfa46d3da201a3c540_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

26d7b0469021ba1cfa5370e346e6f8d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\arthur.kaiser\Downloads\mhook-2.2\Win32\Debug\mhook-test.pdb

Imports

kernel32

FlushInstructionCache
VirtualProtectEx
GetCurrentProcess
OutputDebugStringW
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualQuery
GetSystemInfo
VirtualFree
ResumeThread
GetModuleHandleW
GetThreadPriority
GetCurrentThread
GetCurrentThreadId
Sleep
GetThreadContext
SuspendThread
OpenThread
OutputDebugStringA
GetThreadSelectorEntry
SetStdHandle
InterlockedExchange
GetLocaleInfoW
GetProcAddress
GetCurrentProcessId
OpenProcess
CloseHandle
SetThreadPriority
GetLastError
GetModuleFileNameW
WriteConsoleW
GetFileType
GetStdHandle
GetCommandLineW
HeapSetInformation
DecodePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
WideCharToMultiByte
MultiByteToWideChar
RaiseException
lstrlenA
LoadLibraryW
IsProcessorFeaturePresent
HeapValidate
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetStringTypeW
ExitProcess
SetConsoleCtrlHandler
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FatalAppExitA
SetHandleCount
GetStartupInfoW
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
GetProcessHeap
FreeLibrary
GetModuleFileNameA
HeapReAlloc
HeapSize
HeapQueryInformation
LCMapStringW
SetFilePointer
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
CreateFileW

user32

ReleaseDC
GetDC

gdi32

CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC

Sections

.textbss
Size: - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 509KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 185KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26d7b0469021ba1cfa5370e346e6f8d7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Sections

.textbss Size: - Virtual size: 244KB

.text Size: 509KB - Virtual size: 508KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 185KB - Virtual size: 195KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 21KB - Virtual size: 20KB

.textbss
Size: - Virtual size: 244KB

.text
Size: 509KB - Virtual size: 508KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 185KB - Virtual size: 195KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 21KB - Virtual size: 20KB