f18a83c96f88f946db972e5a788195c0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

f18a83c96f88f946db972e5a788195c0_NeikiAnalytics.exe
Size

3.0MB
MD5

f18a83c96f88f946db972e5a788195c0
SHA1

9a55514286dd690884f0c18439267436f59a3d10
SHA256

4083d671daac2786934c6872d4297a14103a25162075bda94d656221920d951c
SHA512

fda70ebaff2e0506dd363fcc1aeb5908b31052d1c1bdee58815c44bf718cd6c2a09acaf3f97c8242d57a8c16b247072caee391df59fd7292d303e251d32ffd0d
SSDEEP

49152:EyUX4mwl4gX/ElrTAeyIVau0E6XPuXz7Cug7U8Yh7OZg0veGHwPIS3OnX:E36lDv8RyOwu7CoX7QK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f18a83c96f88f946db972e5a788195c0_NeikiAnalytics.exe

Files

f18a83c96f88f946db972e5a788195c0_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

��'t\9��o�1f� � �PU�Fcr:k��g��)��.t=A,�]�U��ȕ��E��NW[��8�:��8I��F ,{�~� 4�"G ��t��!�w٫`�U��Aܬ��ɕi�+* �8�'�x�d��!'�:fC�MV�:��;��qz��zF{��Kͣ��V��n��3~}�į��Ys6D��b�09�),Dk��bq�o��F1��#Q�a��G״�3�9��1��W]��"-9O�nvQ(��kV߹ ��>y2��T��S�Kʆ�!)��.�8N9��zALs��"�b9 Q�G�6�h�h"�m|�Ǵ��W_ܺU��}��P��E��ł�O�RҤc�H��[�*;�ʹ��]��d��[�ݴ�ҍ��ywn��oJ�Crb:�揾�puZI��P�Z� ?ײ� ��C?o׆��E �l�%g3��|� �H��v� �禮̍A�5��ߐm)��:0��}!�T�=�R![3�W2ϹЈ�'܆9�Հͧ��^�آ�e��r�;(�u�`��d��rR[�q#'u ��o��f�EEʄ�"�5��"JR@�XDV8�d�X��.ij��0N+��bP��H�'�@_$DA�5Бa�7�)��ĠP��v��k�'��a�*� ��`u��w��89��,�β9l��|�z��&��.��T��d�?+�ݳ�s6��=L��tj�j��?]��/�I��3 t��v&Nʑ�E>�'\�\L ̇��.%��4[/%��K��8��m�/��!1R�OX��Sk��h��-��x1_�ͣ2�%YkO�~��ˋ��٠�Բ�� H��U�R$j� ��Ru�I�W��+U^m��q|��2g�j\��G�R��~��!�{eZ�30^J��/,��?�� s]��%d�])~d��ĝ��+��9��i�{U��Y��<�`�Z=�@�l4~�ɗ#�'��U��YC�p��pU�T�#��9�g��H|v=)K<�b.��G$��c�C'^�:�܆w�f�v�L�@��E�s�t.A6�U4ղ��ʚGS�>u��t� ��h��9��0xzTPl�_��i�D��f�I��N��߼��T�2�u!�*{@"K ș�� L0�E,?N��0ۑx3��@=��$��G�5��X�� n��85)Q�i��7�i"��V�`�"&��xE ��~ु�f��|�4kq�_�p�!j�W��4ss��%��'Ǆ��K�2H^��I2�B��)J�s��S�H@�H�7�KE�Q�M^b��+��DK��W��Ĝ��R7�K�K|Q��b��1�9��W.�+s/*�@٘��4Ba��E2�4�I�r'��BԂJ�:��*�q �ȳoM��9��sꗫ;h�;{GWgZ��&��@샩 �Lzˡj��u_��f!�bS͵��T��u�� x�6�~��+iPC��G��6��f�;݁� ��I2f��5[S'ٖ �R"�Yԣ�� xu��x�uar��LU�3��'ғ��լ�d�X�C�[��u�0�HtZ59�w��ֲ(�i��6j�]79�&�H~�h��j��-�(��[;0��4]e��& Q7@Ja�m��"��<��!G��Gca�o��3��a� �$F,=�j��N��p��Q\|��ت�#��:�L1r��J��j��/0>Z%obJ��vΑ��q�Z��DD�P��f�\��IBUH��@d��r �V��n�f�a�1w|��fS�j\��H��Q�KZ�9�4��!�>�g[�O�,��ftK�"��e�)k�)�RR�xN��.c<��mZ/��8x{�pKɰ�%��*B�/s� �t�7��:j�G��pF�w�N��0'�?��aK�|$H>�7� i��MdǺ5��n��mHd��JЋ|Ud%�G��n[:�D��m!�U܉��QSQ�zk��U��QK��'�$1]�jK�N�$�l��:��9��^��U�U��)�#��>�D�񕥺D��C��1�'Y�{��4�|��s� ��S=��Ĉ��;i>�B��N LI�<O��Gh�Wj�\�j��gՎ��v�?��M��'�q��2�S�2�P��et竪�u�(�+��F��ZS��~D��=)�p�\��!N}�C�jWKxq�60�KhI�/�h �*]�ؤ��#��y)�!3�S؃�T�WiJ��RXd��]��x['�u�� f��Q��̓��ӹ�g�Iw�n��Z:��qxMD!�1�'�q�_��g!F�mݻAp��u��{~8.T�^j��S��T^{�n�,9'IL�W'm\|�_�?��/{�u��|��:��O�� a��x]��9��[l��p�� oܳ��BZ��9i�n��`��#dc��+qY �;ip ��{ `�ޞ'��)��{Ʀx�Ϯ�.�V�LZV��e��г��7��;IН�a� XLIG[��O|�{k�6�Ô+�?�Mt�:o��+^#�1ؖ��v�(�Db}>HQdR�F DCK�)_�U @��Qȟ�gׄ��|�wYDz��C�3��`+� ��<��%S�[�v��|#DTL);SvCz��<�<��}L}]-�fL��u2~T��۪9��I��N�݆08�T��)��F�]�<��M4�c�|��sI��=��ȍ�Oړc�C��@�Ih��f�i��Z|,�0��j&P�sy�ݐ�cx�<��K.2�,�h�UOH�鐓��'b�c�]V��Y]��F��?0k��i}1NfY_�� {�6=��R�e.��{��UG�@��-�!ΜY��ռ��=x�s��y�b��S�=�yo�v��_`��s%0�ٗ�ѧ�eS)��1.�:��X˕�->�;u��+4�>;�QI�qk�(�L��)��ԓ��e�_��߈:��^�􌧪W��E+�� uߊAF��zS��4g��=�r��+��v�� -~��{I(aȌ�z1�O��r�w�3�ᔲBYS;�xL<M��t�VsZF2uf��S��Ҕ&.7�1G��H<�V4��s�dr�SP�K�6��f��gaZ|��O��V<��-j@a��B\�i�ƃ�)��ñ/G+��l�m�*Kz�k��e��W��h��5^ɮ 7��VX�W�*P=�A>�͖t)�*�t$��Ht�;�C��'j9�λ?�5��N4m�n~>�R�� !�&��i&�H2��X<��<L65��ޢ_��K.�

Sections

Size: 591KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 64KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 202KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 591KB - Virtual size: 1.4MB

Size: 64KB - Virtual size: 160KB

Size: 2KB - Virtual size: 20KB

Size: - Virtual size: 52KB

Size: 24KB - Virtual size: 40KB

.rsrc Size: 50KB - Virtual size: 52KB

Size: 202KB - Virtual size: 7.5MB

.data Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 50KB - Virtual size: 52KB

.data
Size: 2.1MB - Virtual size: 2.1MB