1429038923563a63e7d29d7ee49c7000_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1429038923563a63e7d29d7ee49c7000_NeikiAnalytics.exe
Size

275KB
MD5

1429038923563a63e7d29d7ee49c7000
SHA1

a4cee6cba921165c2dc34c0102f38f266423e0d8
SHA256

87b6d7c2e0732f2c33a99bf59c3fed68f1f15b9640b487098a13c1d603ccbf74
SHA512

9886dac600195b07f1165494635256b5adbf307773808e699bd3a1debea62b2a4cf170876ff8ec6a828970a9d8b0b7405deb30f5704543f7fb7bb0061db146a3
SSDEEP

6144:gOFc6dXpqTHkxZTmi2boph0lhSMXlBXBW/XL:gydXpqT6L8oph0lhSMXleX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1429038923563a63e7d29d7ee49c7000_NeikiAnalytics.exe

Files

1429038923563a63e7d29d7ee49c7000_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

f5bb4a28b683ebc78b646cf9c1a4c259

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWriteTransfer
EventSetInformation
EventUnregister
EventActivityIdControl

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
RaiseException
GetLastError
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
AcquireSRWLockExclusive
ReleaseSRWLockExclusive

api-ms-win-core-processthreads-l1-1-0

TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
LoadLibraryExW
FreeLibrary
GetModuleFileNameW
GetProcAddress

api-ms-win-core-file-l1-1-0

WriteFile
CreateFileW

api-ms-win-crt-runtime-l1-1-0

_errno
__p__wpgmptr
_initialize_narrow_environment
_initialize_onexit_table
_configure_narrow_argv
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
terminate
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
abort
_register_onexit_function

api-ms-win-crt-heap-l1-1-0

free
calloc
_callnewh
malloc

api-ms-win-crt-math-l1-1-0

_dsign
_fdsign
_ldclass
_fdclass
_ldsign
_dclass

api-ms-win-crt-stdio-l1-1-0

setvbuf
__acrt_iob_func
fwrite
_fseeki64
fsetpos
fgetpos
fgetc
fflush
fclose
ungetwc
fputwc
fgetwc
ungetc

api-ms-win-crt-locale-l1-1-0

___mb_cur_max_func
___lc_codepage_func
setlocale
_unlock_locales
__pctype_func
_lock_locales
___lc_locale_name_func
localeconv

api-ms-win-core-synch-l1-2-0

WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-localization-l1-2-0

LCMapStringEx

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedFlushSList

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind

api-ms-win-crt-string-l1-1-0

wcsncmp
strcpy_s
_wcsdup
wcsnlen

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

Exports

Exports

VirtualReality_send_utf8
VirtualReality_send_wchar_ptr

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5bb4a28b683ebc78b646cf9c1a4c259

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-file-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-core-heap-l1-1-0

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 148KB - Virtual size: 147KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 148KB - Virtual size: 147KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB