9aeadd0f7c24dbb486203e21365f2190_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9aeadd0f7c24dbb486203e21365f2190_NeikiAnalytics.exe
Size

172KB
MD5

9aeadd0f7c24dbb486203e21365f2190
SHA1

5b1272f3bf9eb4cbaab7b1159d009c2b3843df5e
SHA256

e249a1cfe006c5c9d1c6a5e6675ac22bb49694b6a183464c8338e0bdc013968a
SHA512

873d37dfa3210386cba03759e8e4fd2d3cd73db03f50006cd74dbe584f68caab45ba00764d526ee7e88f51a661469040729cda231c0157e225209a532f4cc69a
SSDEEP

3072:uzu+khAB3TBv6OreacCuoEaXA+he+XN3pzvTOzdoTrYN:uzu+kuT/ea94WAOjXN3gIQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aeadd0f7c24dbb486203e21365f2190_NeikiAnalytics.exe

Files

9aeadd0f7c24dbb486203e21365f2190_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

cbf0e0241d4bcf6a08b2258dc9722480

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
GetLastError
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GlobalReAlloc
lstrcpyA
lstrcpynA
GetProfileStringA
lstrlenA
GetModuleHandleA
GlobalCompact
GlobalHandle
IsBadHugeReadPtr
_lclose
_lread
_lwrite
_llseek
_lcreat
_lopen
GetTempFileNameA
GetTempPathA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
RtlUnwind
HeapAlloc
HeapFree
LoadLibraryA
FreeLibrary
DeleteFileA

dzsdm

SDMGET
SDMPUT
SDMQUERY

gdi32

GetSystemPaletteEntries
CreateCompatibleBitmap
SelectObject
PlayMetaFileRecord
EnumMetaFile
GetObjectA
SetViewportOrgEx
SetViewportExtEx
Rectangle
GetMetaFileA
GetDIBits
CreatePalette
GetStockObject
CreateMetaFileA
SetWindowOrgEx
SetWindowExtEx
SetMapMode
SelectPalette
RealizePalette
StretchDIBits
DeleteObject
CloseMetaFile
DeleteMetaFile
GetDeviceCaps
DeleteDC
EnumFontFamiliesA
CreateICA
CreateCompatibleDC

user32

GetDC
ReleaseDC

Exports

Exports

wtrMain

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbf0e0241d4bcf6a08b2258dc9722480

Headers

File Characteristics

Imports

kernel32

dzsdm

gdi32

user32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB