Static task: static1
Behavioral task: behavioral1
Sample: 2d71b9edd3dfdc08b8229a3458ac67d06bfefded0d5d1532485926bc391e84e9_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2d71b9edd3dfdc08b8229a3458ac67d06bfefded0d5d1532485926bc391e84e9_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
General
Target: 2d71b9edd3dfdc08b8229a3458ac67d06bfefded0d5d1532485926bc391e84e9_NeikiAnalytics
Size: 299KB
MD5: 335babba1686b0c548244f6e76804cc0
SHA1: 0210b3dd6cdcc25b40c8a6a8c19741f598490db2
SHA256: 2d71b9edd3dfdc08b8229a3458ac67d06bfefded0d5d1532485926bc391e84e9
SHA512: 85257f0306731abfbd9c0c590e0fe0f079837de5d084492d1705c5131d610372b1d2d47fb902d626d4c93a332096cf6d438c2e44a2c6ce0ce2390f8b392bf05e
SSDEEP: 6144:z0OR7ubd5mEa1JBwQtLhx92D4uL82Aahe11EODTzppGnTBonzZKFk:zBBuTmEwJ2QR92DdL8laha1EODTzpoTQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d71b9edd3dfdc08b8229a3458ac67d06bfefded0d5d1532485926bc391e84e9_NeikiAnalytics
Files
2d71b9edd3dfdc08b8229a3458ac67d06bfefded0d5d1532485926bc391e84e9_NeikiAnalytics.exe windows:4 windows x86 arch:x86
353c49f24f8a63c60ac9b7ac5636864b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenMutexW
GetLastError
GetComputerNameA
OpenFile
GetCommandLineW
GlobalCompact
HeapAlloc
TlsGetValue
LCMapStringA
GetVersionExA
MultiByteToWideChar
SetSystemTime
GetCurrentDirectoryW
FindFirstFileA
WriteFile
IsValidLocale
VirtualProtect
GetEnvironmentStrings
GetEnvironmentStringsW
SetComputerNameW
InitializeCriticalSection
DeleteCriticalSection
GetFileType
EnterCriticalSection
GetWindowsDirectoryW
GetModuleFileNameW
LeaveCriticalSection
GetDateFormatA
GetProcAddress
LocalSize
GetCurrentThread
TlsAlloc
EnumTimeFormatsA
CompareStringW
CreateNamedPipeW
GetOEMCP
VirtualQuery
GetUserDefaultLCID
SetHandleCount
HeapDestroy
GetTempPathA
GetStartupInfoW
LCMapStringW
GetCommandLineA
HeapReAlloc
GetTimeZoneInformation
ExitProcess
CreateFileMappingA
AddAtomW
VirtualAlloc
TlsFree
QueryPerformanceCounter
GetCurrentProcess
GetStringTypeW
GetModuleHandleA
FreeEnvironmentStringsW
GetStdHandle
GetStringTypeA
GetCurrentThreadId
HeapSize
UnhandledExceptionFilter
CompareStringA
GetACP
GetCurrentProcessId
WideCharToMultiByte
GetSystemInfo
CopyFileA
SetLastError
GetTickCount
GetLocaleInfoW
GetPrivateProfileSectionNamesA
FreeEnvironmentStringsA
IsBadWritePtr
HeapCreate
RtlUnwind
EnumSystemLocalesA
GetSystemTimeAsFileTime
InterlockedExchange
GetTimeFormatA
GetExitCodeProcess
ReadConsoleOutputA
GetCPInfo
VirtualFree
GetLocaleInfoA
GetStartupInfoA
HeapFree
TerminateProcess
LoadLibraryA
FindClose
SetEnvironmentVariableA
TlsSetValue
WriteConsoleA
GetModuleFileNameA
IsValidCodePage
user32
SetCaretPos
CountClipboardFormats
SetWindowLongW
GetMessagePos
DefWindowProcA
GetWindowLongW
GetDlgItemTextA
CreateIconFromResource
SetWindowWord
DestroyCaret
PackDDElParam
ValidateRect
DrawIconEx
shell32
SHGetInstanceExplorer
ExtractAssociatedIconA
SHGetDiskFreeSpaceA
RealShellExecuteW
DragQueryFileAorW
DragAcceptFiles
FreeIconList
SHGetFileInfo
SHGetPathFromIDListW
ExtractIconEx
SHFileOperationW
SHAddToRecentDocs
SHFileOperation
SHChangeNotify
InternalExtractIconListA
ExtractAssociatedIconW
DoEnvironmentSubstA
DragQueryFile
SHFormatDrive
advapi32
CryptEnumProvidersW
GetUserNameA
LookupAccountNameW
GetUserNameW
RegCreateKeyW
CryptDestroyHash
LookupPrivilegeNameW
CryptAcquireContextW
CryptDestroyKey
CryptHashSessionKey
CryptDuplicateKey
RegSetValueW
RegQueryMultipleValuesW
Sections
.text Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 137KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ