Static task: static1
Behavioral task: behavioral1
Sample: 3114c471c5086534b687472919512281305e2fefb76b74964f853080abeaee13_NeikiAnalytics.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 3114c471c5086534b687472919512281305e2fefb76b74964f853080abeaee13_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 3114c471c5086534b687472919512281305e2fefb76b74964f853080abeaee13_NeikiAnalytics
Size: 455KB
MD5: 133a404213f3dc31ca7078f029f6e730
SHA1: 09b6ecbaab6e82f526a5147f7a5f4b21ef63569a
SHA256: 3114c471c5086534b687472919512281305e2fefb76b74964f853080abeaee13
SHA512: c7122f4c86f8c57cfa186b1ad19b00ee7e06e62c8093ad219d0aae3186aaeafede5fbbf1d6faad0ffe2e0491d8b087c483ba86b6a7f8bff0dc34ad7bffec87ee
SSDEEP: 12288:PTgJQf7Li73XkXnpZao4iJUXqyDjmu3X6BtaJCfDRgiLS4AF:cqTzpQoDJUXNjPn6DaclJLV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3114c471c5086534b687472919512281305e2fefb76b74964f853080abeaee13_NeikiAnalytics
Files
3114c471c5086534b687472919512281305e2fefb76b74964f853080abeaee13_NeikiAnalytics.exe windows:4 windows x86 arch:x86
3e968419f7a32c8f3c5ef614b41e14fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SheChangeDirA
ExtractIconExA
ExtractAssociatedIconW
SHInvokePrinterCommandW
SHGetDiskFreeSpaceA
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconExA
FreeIconList
DragQueryFileA
RealShellExecuteW
SHGetDataFromIDListW
SHFreeNameMappings
SHGetSpecialFolderPathA
DragFinish
SHGetPathFromIDList
SHGetDesktopFolder
ShellExecuteA
wininet
SetUrlCacheEntryGroupA
FindNextUrlCacheEntryW
advapi32
CryptAcquireContextW
RegQueryValueExA
RegDeleteKeyW
CryptGenKey
RegCreateKeyW
CryptVerifySignatureW
CryptEnumProvidersA
RegEnumKeyW
InitiateSystemShutdownA
RegOpenKeyExW
CryptDuplicateHash
comdlg32
PrintDlgA
GetOpenFileNameW
ReplaceTextA
GetOpenFileNameA
ChooseFontA
FindTextW
PrintDlgW
GetSaveFileNameA
ChooseColorW
GetFileTitleW
ChooseFontW
ReplaceTextW
PageSetupDlgA
FindTextA
LoadAlterBitmap
ChooseColorA
kernel32
VirtualQuery
ExitProcess
SetEvent
InterlockedExchange
MultiByteToWideChar
GetNamedPipeHandleStateW
LocalAlloc
CloseHandle
GetDiskFreeSpaceExA
IsBadReadPtr
QueryPerformanceCounter
TlsAlloc
FreeEnvironmentStringsW
SetThreadLocale
CreateNamedPipeA
GetProcAddress
FileTimeToSystemTime
FoldStringW
DeleteCriticalSection
TlsGetValue
GetOEMCP
GetStartupInfoA
HeapCreate
SetLocalTime
InitializeCriticalSection
HeapFree
GetStringTypeA
FreeResource
FreeEnvironmentStringsA
RtlZeroMemory
GetEnvironmentStrings
GetCurrentProcessId
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
GetLogicalDriveStringsW
GetStringTypeExW
TlsSetValue
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
IsBadWritePtr
GetEnvironmentStringsW
SetFilePointer
UnhandledExceptionFilter
GetConsoleMode
GetACP
VirtualFree
GetFileSize
WideCharToMultiByte
GetCommandLineA
GetModuleFileNameA
MoveFileA
SetHandleCount
LCMapStringA
DebugBreak
HeapDestroy
TlsFree
GetFileType
SetConsoleCtrlHandler
GetVersion
HeapReAlloc
HeapValidate
LCMapStringW
GetLastError
GetTickCount
FlushFileBuffers
GetStringTypeW
VirtualAlloc
TerminateProcess
TryEnterCriticalSection
InterlockedIncrement
GetModuleHandleA
WriteFile
GetConsoleCP
GetCurrentProcess
InterlockedDecrement
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentThread
GetProcAddress
SetLastError
SetStdHandle
GetLongPathNameA
LoadLibraryA
ExpandEnvironmentStringsA
SetPriorityClass
OutputDebugStringA
GetStdHandle
Sections
.text Size: 164KB - Virtual size: 163KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 276KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ