2e8381b6db557307398bcb09afac8a60_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2e8381b6db557307398bcb09afac8a60_NeikiAnalytics.exe
Size

92KB
MD5

2e8381b6db557307398bcb09afac8a60
SHA1

b3a2eebcc941c6cbe863a31259f59378479884a1
SHA256

85b46b9d732842675ba845d52d7180277e5652ed9e73a48e7d6f721d73101283
SHA512

43a97717f5d05e76981b2786f22feee090e0a521dbf887e8ed2a4fe5d93c928097260cde8b77a196dad3e96ec7f85aac5823021810e9e968c214b92ffa7d99ae
SSDEEP

1536:mAva4cnoHS/ja5hm/WQ9LsmgsngD6DHS/jY:mAva4uoHWa58eELsmgFD6DHWY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e8381b6db557307398bcb09afac8a60_NeikiAnalytics.exe

Files

2e8381b6db557307398bcb09afac8a60_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

c92d553ba7d439ff859fa551986d4841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xul

GRE_GetGREPathWithProperties
??1nsINIParser@@QAE@XZ
?GetString@nsINIParser@@QAEIPBD0AAVnsACString_internal@@@Z
?Init@nsINIParser@@QAEIPAVnsILocalFile@@@Z
XRE_GetFileFromPath
?sCanonicalVTable@nsObsoleteACString@@2PBXB
NS_NewNativeLocalFile_P
?assign_from_qi@nsCOMPtr_base@@QAEXVnsQueryInterface@@ABUnsID@@@Z
?sCanonicalVTable@nsObsoleteAString@@2PBXB
?NS_CopyNativeToUnicode@@YAIABVnsACString_internal@@AAVnsAString_internal@@@Z
NS_InitXPCOM2_P
?assign_from_gs_contractid@nsCOMPtr_base@@QAEXVnsGetServiceByContractID@@ABUnsID@@@Z
NS_ShutdownXPCOM_P
??1nsAString_internal@@QAE@XZ
?GetString@nsINIParser@@QAEIPBD0PADI@Z
XRE_GetBinaryPath
??1nsCOMPtr_base@@QAE@XZ
XRE_main
??1nsACString_internal@@QAE@XZ

nspr4

PR_GetEnv
PR_smprintf_free
PR_sscanf
PR_Write
PR_snprintf
PR_vsmprintf
PR_Close
PR_Read
PR_SetEnv

plc4

PL_strcasecmp

user32

MessageBoxA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_iob
fprintf
strcpy
sprintf
__p___argv
__p___argc
strlen
printf

kernel32

GetStartupInfoA
GetModuleHandleA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c92d553ba7d439ff859fa551986d4841

Headers

File Characteristics

Imports

xul

nspr4

plc4

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 72KB - Virtual size: 68KB