systembc | 3403bdd184e772daacaa4b58e8805600_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

3403bdd184e772daacaa4b58e8805600_NeikiAnalytics.exe
Size

8KB
MD5

3403bdd184e772daacaa4b58e8805600
SHA1

65ed76bf4d4ee874598741e775b527784d8cc85d
SHA256

e58a2bec2bec04c0d9aef331189768b137292bb1fcae3b8b2547d993d7b271ce
SHA512

c43ada9aad8fcc8580d738ce2ccd4aa43a90ff0980f7605d37b76fb4ed6c505f0e0759e653ec526f3f14055b58081240104e48cad23ff7120a0a5355fd820e44
SSDEEP

96:kjcmO8QYts4D6x7Aa4Gn8Vk/MM4odWLqJBDeoUy7fZd9yai4a92al+gMr6HS:kAT8tdOxMa4a/Zbdfrdffral+Qy

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

85.239.54.190:443

Signatures

Systembc family
systembc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3403bdd184e772daacaa4b58e8805600_NeikiAnalytics.exe

Files

3403bdd184e772daacaa4b58e8805600_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

244e050a81e77998691e7f8e5062a40a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
RegisterClassA
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA

kernel32

GetCommandLineA
WaitForSingleObject
VirtualFree
VirtualAlloc
Sleep
CloseHandle
CreateEventA
CreateMutexA
CreateThread
ExitProcess
OpenMutexA
GetModuleHandleA
GetVolumeInformationA
SetEvent

advapi32

RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

wsock32

WSAStartup
closesocket
connect
htons
ioctlsocket
recv
select
send
setsockopt
shutdown
socket

ws2_32

freeaddrinfo
WSAIoctl
getaddrinfo

secur32

GetUserNameExA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ