91ef138bb6e1b87c27717de62499c2d0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

91ef138bb6e1b87c27717de62499c2d0_NeikiAnalytics.exe
Size

24KB
MD5

91ef138bb6e1b87c27717de62499c2d0
SHA1

827a4c120de118d9066018d71c4e7622865cc024
SHA256

a4761ea7a5e2643adee1f6792d978525436a89de552760a8da18313bf8e6211e
SHA512

d06571b89d085f0b2f4bf7c5276371453db287193fb1deea1536eb48f4e23b526d1967a27ea2f95109d6fb3adc43cb3281c2e75de46b4b649d4696d2c8292c9b
SSDEEP

96:LDNw28g2p/w+p8QgFU9TCNnjPpF8/XC0K70hktITX6AKWuQr9E17C:f8fp/JOQgFUdCpX8aZIktITX+WE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91ef138bb6e1b87c27717de62499c2d0_NeikiAnalytics.exe

Files

91ef138bb6e1b87c27717de62499c2d0_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

7f387e63d632ab515aaced707c2bb7fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
DisableThreadLibraryCalls
GetProcAddress

user32

MessageBoxW

gccore

?Init@ModuleBase@@IAEXPAUHINSTANCE__@@@Z
?LocalLoadLibrary@ModuleBase@@QAEPAUHINSTANCE__@@ABVString@@_N@Z
??1String@@QAE@XZ
?Free@ModuleBase@@IAEXXZ
??1ModuleBase@@UAE@XZ
??0ModuleBase@@QAE@XZ

msvcp60

?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB

msvcrt

__CxxFrameHandler
wcslen
??2@YAPAXI@Z
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
malloc
_adjust_fdiv
free

Exports

Exports

?AMCDOM_Initialize@@YAX_NPBVString@@@Z
?g_AMCDOM@@3PBVIAMCDOM@@B

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f387e63d632ab515aaced707c2bb7fd

Headers

File Characteristics

Imports

kernel32

user32

gccore

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 604B

.rsrc Size: 4KB - Virtual size: 912B

.reloc Size: 4KB - Virtual size: 392B

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 604B

.rsrc
Size: 4KB - Virtual size: 912B

.reloc
Size: 4KB - Virtual size: 392B