Static task
static1
Behavioral task
behavioral1
Sample
3fac0095ca74f65d53ffef699f68ee889a0e0da490ab84beae27bf48cf73ca84_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
3fac0095ca74f65d53ffef699f68ee889a0e0da490ab84beae27bf48cf73ca84_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
Target
3fac0095ca74f65d53ffef699f68ee889a0e0da490ab84beae27bf48cf73ca84_NeikiAnalytics
Size
1.5MB
MD5
c77b7fc1536908a00febfddd29ae25b0
SHA1
6d367e2b2be60c09c16e9b2a637a4dc275a1952d
SHA256
3fac0095ca74f65d53ffef699f68ee889a0e0da490ab84beae27bf48cf73ca84
SHA512
0a92a4453585f555e7dcb71f86c314c540d5b3b75a84b1ed9b3cb9930e790136374997af04b9438f7d374d82df66a021772a9ddebcdca7b74da092205e0ea05e
SSDEEP
24576:0UGUod4WmIJG339gH9gWlTT+K4w9LX88TBxa7SzYZRJsQu5v0+EIJueHFPTza:07Us4WmIOiBH48Wmzh5XEIJu6w
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3fac0095ca74f65d53ffef699f68ee889a0e0da490ab84beae27bf48cf73ca84_NeikiAnalytics
Files
3fac0095ca74f65d53ffef699f68ee889a0e0da490ab84beae27bf48cf73ca84_NeikiAnalytics.exe windows:4 windows x86 arch:x86
3777db89f68590921b244cc6c47092b9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalAlloc
GlobalLock
GetModuleFileNameA
SetCurrentDirectoryA
lstrcpyA
GetStartupInfoA
GetStdHandle
GetFileType
GlobalFree
GlobalUnlock
GetTimeZoneInformation
GetVersion
CloseHandle
SetFileTime
GetLastError
SetFileAttributesA
CreateFileA
FileTimeToLocalFileTime
GetVolumeInformationA
GetFullPathNameA
SetVolumeLabelA
GetDriveTypeA
GetFileAttributesA
GetFileTime
FileTimeToDosDateTime
LeaveCriticalSection
HeapFree
GetProcessHeap
EnterCriticalSection
lstrcpynA
lstrcmpiA
lstrlenA
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
InterlockedExchange
CreateMutexA
HeapAlloc
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleA
GetCurrentDirectoryA
GetCommandLineA
HeapReAlloc
MultiByteToWideChar
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
CompareStringW
CompareStringA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
FlushFileBuffers
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
ReadFile
SetEndOfFile
FileTimeToSystemTime
FindFirstFileA
SetEnvironmentVariableA
FindClose
CreateDirectoryA
DeleteFileA
user32
DialogBoxParamA
PostQuitMessage
MessageBoxA
SetWindowTextA
GetWindowRect
DestroyWindow
CharToOemA
GetParent
SendMessageA
DefWindowProcA
EndDialog
wsprintfA
SetDlgItemTextA
OemToCharA
GetSystemMetrics
SetWindowPos
comdlg32
GetOpenFileNameA
advapi32
AdjustTokenPrivileges
GetSecurityDescriptorControl
GetSecurityDescriptorLength
OpenProcessToken
LookupPrivilegeValueA
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
Sections
.text Size: 60KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ