3246b2fbb7f6e7d581e0852c4bb93350_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3246b2fbb7f6e7d581e0852c4bb93350_NeikiAnalytics.exe
Size

172KB
MD5

3246b2fbb7f6e7d581e0852c4bb93350
SHA1

5a1f3b461333f42f23a505256374c2a6ca1f4c81
SHA256

5201a9891e829f25af7a383e8c59cf3ed4a3ac5524343d143f9f5ffa08ad572f
SHA512

882722e181546b5a5f233c7f6748a8c803881b5bcb14094df3dcc250cb87c4680e85f74a3c4f82b61a51fddc41c738ca8be1ea30310e5b1d8810c4b37d47fec9
SSDEEP

3072:JuEmbOQJSMtMTKfsmJND9bXO0iIUWPi1gRb8EXKogkt9uMumX:JudbOQJSMtM9ID9bydWPnblZt94mX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3246b2fbb7f6e7d581e0852c4bb93350_NeikiAnalytics.exe

Files

3246b2fbb7f6e7d581e0852c4bb93350_NeikiAnalytics.exe
.dll regsvr32 windows:4 windows x86 arch:x86

cac744f74f86e7de381f9552ece8e621

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
CreateDirectoryA
GetLastError
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
GetStringTypeA
GetStringTypeW
GetFileAttributesA
GetCurrentThreadId
TlsSetValue
HeapFree
HeapAlloc
SetLastError
TlsGetValue
CreateFileA
GetCurrentProcessId
FlushFileBuffers
WriteFile
GetProcAddress
GetModuleFileNameA
LCMapStringA
LCMapStringW
LoadLibraryA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
SetStdHandle
RtlUnwind
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
ReadFile
SetEndOfFile
CompareStringA
CompareStringW
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsAlloc
GetModuleHandleA
IsBadCodePtr
IsBadReadPtr
HeapSize
SetUnhandledExceptionFilter

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA

ole32

StringFromCLSID
CoTaskMemFree

oleaut32

LoadTypeLi
RegisterTypeLi
SetErrorInfo
LoadRegTypeLi

sqlakw32

ord3
ord1
ord2
ord6
ord5

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cac744f74f86e7de381f9552ece8e621

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

sqlakw32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 36KB - Virtual size: 46KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 36KB - Virtual size: 46KB

.reloc
Size: 12KB - Virtual size: 9KB