58e952f8198659ba72223fc10751bf40_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

58e952f8198659ba72223fc10751bf40_NeikiAnalytics.exe
Size

92KB
MD5

58e952f8198659ba72223fc10751bf40
SHA1

dda2cee2d3e256b0562fb265a3998e772267ffc6
SHA256

d2b46adc4cd75d0e821b3ceec7d1ad626194c86ab1c15fd7ca990be22ca2803d
SHA512

5ac6e5e2b37840d438f2beaff8f1b20e33e7cb71c74c91c735b15b20caed30f010da0c412c1484ed914bbab5505bdf73c28a492b141eba662b549b367232fb82
SSDEEP

1536:mmva4P6cHS/ja5hm/WQ9LsmgsngD6DHS/j3:mmva4icHWa58eELsmgFD6DHW3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58e952f8198659ba72223fc10751bf40_NeikiAnalytics.exe

Files

58e952f8198659ba72223fc10751bf40_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

c92d553ba7d439ff859fa551986d4841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xul

GRE_GetGREPathWithProperties
??1nsINIParser@@QAE@XZ
?GetString@nsINIParser@@QAEIPBD0AAVnsACString_internal@@@Z
?Init@nsINIParser@@QAEIPAVnsILocalFile@@@Z
XRE_GetFileFromPath
?sCanonicalVTable@nsObsoleteACString@@2PBXB
NS_NewNativeLocalFile_P
?assign_from_qi@nsCOMPtr_base@@QAEXVnsQueryInterface@@ABUnsID@@@Z
?sCanonicalVTable@nsObsoleteAString@@2PBXB
?NS_CopyNativeToUnicode@@YAIABVnsACString_internal@@AAVnsAString_internal@@@Z
NS_InitXPCOM2_P
?assign_from_gs_contractid@nsCOMPtr_base@@QAEXVnsGetServiceByContractID@@ABUnsID@@@Z
NS_ShutdownXPCOM_P
??1nsAString_internal@@QAE@XZ
?GetString@nsINIParser@@QAEIPBD0PADI@Z
XRE_GetBinaryPath
??1nsCOMPtr_base@@QAE@XZ
XRE_main
??1nsACString_internal@@QAE@XZ

nspr4

PR_GetEnv
PR_smprintf_free
PR_sscanf
PR_Write
PR_snprintf
PR_vsmprintf
PR_Close
PR_Read
PR_SetEnv

plc4

PL_strcasecmp

user32

MessageBoxA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_iob
fprintf
strcpy
sprintf
__p___argv
__p___argc
strlen
printf

kernel32

GetStartupInfoA
GetModuleHandleA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c92d553ba7d439ff859fa551986d4841

Headers

File Characteristics

Imports

xul

nspr4

plc4

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 72KB - Virtual size: 68KB