45ec03e5000beedb9024e80ba6f6c9d0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

45ec03e5000beedb9024e80ba6f6c9d0_NeikiAnalytics.exe
Size

107KB
MD5

45ec03e5000beedb9024e80ba6f6c9d0
SHA1

3cc7739a0c88a66a3a39450105a1c0a55e5f121d
SHA256

ed4e35c5e11db0199903b318d07a034015b9ca7ba93e7866e9e6a6a6ad5742ef
SHA512

a3ae23f9ff9089f5c29165160eae8410897bc5e35b8876dccc7fd28c2566917813ac90bd0a2d0e0640027ca4dea53eb2889ba0a6ff976f6954ce64dd094e1941
SSDEEP

768:6R+UT/OfoRNLaiByGK8C6aIgSwF+QMCO+fv7RRK4NyZo7kYpGWfDZgOf2D:6xzOe9C6atM8X7RRPnkYpXDZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ec03e5000beedb9024e80ba6f6c9d0_NeikiAnalytics.exe

Files

45ec03e5000beedb9024e80ba6f6c9d0_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

11e8aa7c757326ff2beabfe6bba34040

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\C101\Desktop\Project1\Debug\Project1.pdb

Imports

msvcp120d

?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?eof@ios_base@std@@QBE_NXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
?id@?$codecvt@DDH@std@@2V0locale@2@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??2@YAPAXIABU_DebugHeapTag_t@std@@PADH@Z
??3@YAXPAXABU_DebugHeapTag_t@std@@PADH@Z
?_DebugHeapTag_func@std@@YAABU_DebugHeapTag_t@1@XZ
?good@ios_base@std@@QBE_NXZ
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
??0id@locale@std@@QAE@I@Z
??0_Lockit@std@@QAE@H@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
?_Debug_message@std@@YAXPB_W0I@Z
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QAE@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

msvcr120d

free
memcpy
memcpy_s
memset
strcpy
strcmp
strlen
memmove
_hypot
_CrtDbgReportW
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
_CxxThrowException
__CxxFrameHandler3
_lock
_unlock
_calloc_dbg
__dllonexit
_onexit
_CRT_RTC_INITW
??1type_info@@UAE@XZ
_XcptFilter
_amsg_exit
__getmainargs
__set_app_type
_CrtSetCheckCount
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__initenv
_fmode
_commode
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
wcscpy_s
_wmakepath_s
_wsplitpath_s
system
_unlock_file
_lock_file
ungetc
setvbuf
scanf
puts
printf
gets
fwrite
fsetpos
fputc
fgetpos
fgetc
fflush
fclose
__iob_func
_invalid_parameter
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
_fseeki64

kernel32

DecodePointer
IsDebuggerPresent
RaiseException
GetLastError
GetProcAddress
LoadLibraryExW
MultiByteToWideChar
WideCharToMultiByte
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
EncodePointer

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11e8aa7c757326ff2beabfe6bba34040

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp120d

msvcr120d

kernel32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 1KB - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1KB - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB