da1d101ac3fd05ce7b7839cdb9ac1460_NeikiAnalytics[.]exe

General

Target

da1d101ac3fd05ce7b7839cdb9ac1460_NeikiAnalytics.exe
Size

318KB
MD5

da1d101ac3fd05ce7b7839cdb9ac1460
SHA1

de76f623b4fbebc2a740c16860c1051946a46f4c
SHA256

8338d60405e730602708623bbc23c97fea239a591c92576d3d0ae02d2ccce0b8
SHA512

1225e56f0d9ba20785ac5c35e6c621cca0bdc228c7fa833e4901f13693645ab7b5f5c6d3980b1b87bc5f0b4e9c828d48dc8fb2aecb051c1d5234582e3167e264
SSDEEP

3072:Cf08NLSgGD2IPp+WXy/AhAkZlz6P+VTeH7mwVFD9lclJQIE:CfhyysAkbGPeTeHlLas

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da1d101ac3fd05ce7b7839cdb9ac1460_NeikiAnalytics.exe

Files

da1d101ac3fd05ce7b7839cdb9ac1460_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

cbd6bccf71c6583733347164dc70ffd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetStdHandle
GetFileType
SetStdHandle
CloseHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleFileNameA
SetHandleCount
WriteFile
SetFilePointer
GetStartupInfoA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeW
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers

user32

MessageBoxA
wsprintfA
LoadStringA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Exports

Exports

VlcDisplayComResLoadError

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 287KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbd6bccf71c6583733347164dc70ffd2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 287KB - Virtual size: 286KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 287KB - Virtual size: 286KB

.reloc
Size: 2KB - Virtual size: 2KB