abec0ea24418dc2bd67848a17648b560_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

abec0ea24418dc2bd67848a17648b560_NeikiAnalytics.exe
Size

444KB
MD5

abec0ea24418dc2bd67848a17648b560
SHA1

9c3c8c37e3832b20f55276f64a941a7db3554291
SHA256

b1d1a2502568a84fb7fbc961f129adb472251c35f1ff6b35be9d96f5aa2fc1b1
SHA512

f3b9d2abe8d4b9a06ed11949edefa352c259d40adf05424dd8a2b670b3c9551c5a09512010e594f2c7cbe92d13384c34e09b39a521bbc073cc36d8f413e726f4
SSDEEP

1536:4J5fN9MFSzlSCzW/SgFEPdkkq4/F54eRNH8LNf28m:lStsUhqY54er8V28m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abec0ea24418dc2bd67848a17648b560_NeikiAnalytics.exe

Files

abec0ea24418dc2bd67848a17648b560_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

fc811fa04a3f9a5293e9b1858e717afa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

kernel32

LoadResource
FindResourceExW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcess
CloseHandle
GetCurrentThreadId
CreateFileW
GetCurrentProcessId
SetUnhandledExceptionFilter
FindClose
CompareFileTime
FindNextFileW
FindFirstFileExW
GetLastError
CreateMutexW
Sleep
GetExitCodeProcess
LockResource
FormatMessageW
CreateProcessW
GetTickCount
GetStdHandle
SearchPathW
GlobalMemoryStatus
SetCurrentDirectoryW
GetModuleFileNameW
GetModuleHandleW
HeapSize
GetDriveTypeA
GetLocaleInfoA
OutputDebugStringW
GetUserDefaultUILanguage
CreateFileA
LocalFree
TlsGetValue
GetStringTypeW
RtlUnwind
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
FlushFileBuffers
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetFullPathNameW
GetCurrentDirectoryA
WideCharToMultiByte
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
GetTimeZoneInformation
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
InitializeCriticalSection
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA

user32

GetWindowTextW
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
ShowWindow
SetForegroundWindow
MessageBoxW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetUserNameW

shell32

FindExecutableW

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc811fa04a3f9a5293e9b1858e717afa

Headers

File Characteristics

Imports

dbghelp

kernel32

user32

advapi32

shell32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 364KB - Virtual size: 360KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 364KB - Virtual size: 360KB