1ff5c2f1a15c20e7087f1683f7a04bb0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ff5c2f1a15c20e7087f1683f7a04bb0_NeikiAnalytics.exe
Size

25KB
MD5

1ff5c2f1a15c20e7087f1683f7a04bb0
SHA1

6191288c41fecd93e4ef785a4e348b830d0d4eea
SHA256

ad51d06a3db019d870df797d44b7d7038d1202b81ae082c43cd55a586014a279
SHA512

504112638f2048e70a3c2581db39617d16c460b7584f04197e26425456d4887e08da4d44b0db01a2d3c5c8b27f9b387f8ab58fc5a172053d2e156959e1ecb034
SSDEEP

384:S/NCoOtP2mNAff4i1QqMz0K/0/KkT7WsWsZ82dB7G:MNCoOhofZ9A0Kc/RT74grb7G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ff5c2f1a15c20e7087f1683f7a04bb0_NeikiAnalytics.exe

Files

1ff5c2f1a15c20e7087f1683f7a04bb0_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

d9fe47c4ec19bbe0d3dadd7d7f19588e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetConnectA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetOpenA

kernel32

HeapAlloc
ReadFile
GetFileSize
GetTickCount
GetProcAddress
LoadLibraryA
FreeLibrary
GetTempPathW
GetTempFileNameW
CreateProcessW
WaitForSingleObject
CloseHandle
DeleteFileW
CreateFileW
WriteFile
CreateEventW
CreateThread
SetEvent
GetSystemTime
GetLocalTime
HeapFree
WideCharToMultiByte
MultiByteToWideChar

user32

ReleaseDC
GetWindowDC
GetWindowRect
GetDesktopWindow

ntdll

_aulldiv
memcpy
memset
_allmul

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 730B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ