0e1084b841d253d33682d9550003f3a0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

0e1084b841d253d33682d9550003f3a0_NeikiAnalytics.exe
Size

1.7MB
MD5

0e1084b841d253d33682d9550003f3a0
SHA1

4d13ddea08be155652f79702b5b47f4317d309dc
SHA256

a6d8258e42a9e4f33f1a46884ef23bdeb135ba79d5236a060b1d63b99df8475e
SHA512

84816042f4c2e28e317967cfc40bd03c9cd52e4a6d90567ae610c0fae56ddb938bd9cafec82a1fc669d3f2d6e903cf9c9861b33e2a1ae0b2c94876eb3b7424bc
SSDEEP

49152:rDoVqPLCavi0gfOHTPTK+NbSBrtLi1cuVHYMV:4VJaaVSbsBJWGuVHYq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e1084b841d253d33682d9550003f3a0_NeikiAnalytics.exe

Files

0e1084b841d253d33682d9550003f3a0_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

8cd0253d20b266e334956cd81870a28b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetROP2
ResizePalette
GetTextExtentExPointI
SetBkMode
GetSystemPaletteUse
GetOutlineTextMetricsW

lz32

GetExpandedNameW

ws2_32

WSAGetLastError

shlwapi

PathGetCharTypeA

user32

InflateRect
GetUpdateRgn
GetMessageA
UnionRect
EnableScrollBar

setupapi

SetupDiGetDriverInstallParamsW

ole32

CoFreeUnusedLibraries

kernel32

GetProcessId
HeapUnlock
GetNativeSystemInfo
MultiByteToWideChar
TlsAlloc
SetCommConfig
CreateIoCompletionPort
GetModuleHandleA
GetFullPathNameW
GetModuleFileNameA
VerLanguageNameW
TerminateProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
CompareStringW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
ExitProcess
GetLocaleInfoA
HeapAlloc
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
VirtualFree
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind

advapi32

RegCloseKey

Exports

Exports

OhalnSestawtl

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 674B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cd0253d20b266e334956cd81870a28b

Headers

File Characteristics

Imports

gdi32

lz32

ws2_32

shlwapi

user32

setupapi

ole32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.idata Size: 4KB - Virtual size: 674B

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 88KB - Virtual size: 92KB

.rsrc Size: 40KB - Virtual size: 38KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.idata
Size: 4KB - Virtual size: 674B

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 88KB - Virtual size: 92KB

.rsrc
Size: 40KB - Virtual size: 38KB

.reloc
Size: 12KB - Virtual size: 9KB