74d19ee9dc031da4ef7cac6b1e0805a0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

74d19ee9dc031da4ef7cac6b1e0805a0_NeikiAnalytics.exe
Size

80KB
MD5

74d19ee9dc031da4ef7cac6b1e0805a0
SHA1

38893bec6f9974dd7233f3738642791f1d4dad55
SHA256

57f7ca1daf96e58cd599a196adf4a425596cacee42d5b39ddb406da911b878c7
SHA512

35afb1fb1eac5756761565fb223dcadedb93c9e7bdcf754b2109330751a87be5797d16a9821daa2b6e6c7d6782b020cc354543a2e38ef80475ffab95bf30dd85
SSDEEP

1536:nBVUkOPWdDhdBMBNk8v6meAL+vDEUWGhb2k5LkLsoQpQ2aEBNr73nHk9OSx/Kkgb:nvVck8ymeAavDLhb2ekQ9BN/8x/Fg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74d19ee9dc031da4ef7cac6b1e0805a0_NeikiAnalytics.exe

Files

74d19ee9dc031da4ef7cac6b1e0805a0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

a28f268c59f5cf81ee37b832e2c0d7e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
SetEvent
OpenEventA
InterlockedIncrement
WaitForSingleObject
ExitThread
DeleteFileA
UnmapViewOfFile
lstrcatA
OutputDebugStringA
GetTickCount
GetCurrentThread
WriteProcessMemory
MapViewOfFileEx
CreateFileMappingA
VirtualFree
VirtualAlloc
SetThreadContext
GetThreadContext
CreateRemoteThread
ResumeThread
OpenProcess
CreateProcessA
FindNextFileA
FindFirstFileA
TerminateProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitProcess
VirtualFreeEx
DuplicateHandle
QueryDosDeviceA
GetLogicalDriveStringsA
CreateThread
SetUnhandledExceptionFilter
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
GetTempPathA
GetFileAttributesA
CopyFileA
CreateEventA
CreateFileA
MapViewOfFile
SetFileTime
GetFileTime
GetSystemTimeAsFileTime
GetExitCodeThread
VirtualProtectEx
RemoveDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
OpenFile
ResetEvent
GlobalAlloc
GlobalFree
Sleep
GetSystemDirectoryA
GetVersionExA
IsBadReadPtr
FreeLibrary
lstrcmpA
SetLastError
FlushInstructionCache
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
InitializeCriticalSection
lstrcpynA
lstrcmpiA
HeapFree
GetProcessHeap
HeapAlloc
lstrlenA
HeapReAlloc
GetLastError
lstrcpyA
VirtualQuery
VirtualProtect
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
VirtualAllocEx
LoadLibraryA

user32

wvsprintfA
wsprintfA

advapi32

QueryServiceConfigA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AdjustTokenPrivileges
RegQueryValueExA
OpenProcessToken
GetTokenInformation
RegEnumValueA
RegOpenKeyExA
RegCloseKey
ChangeServiceConfigA
CreateServiceA
DeleteService
RegNotifyChangeKeyValue

ole32

CoTaskMemAlloc

oleaut32

SysFreeString
VariantInit
SysAllocString

wininet

InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCanonicalizeUrlA
InternetOpenA
InternetQueryDataAvailable
InternetCrackUrlA
InternetCloseHandle
InternetSetOptionA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetQueryOptionA
HttpAddRequestHeadersA

shlwapi

PathQuoteSpacesA

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

ws2_32

shutdown
closesocket
WSAGetLastError
connect
ioctlsocket
htons
htonl
bind
setsockopt
socket
select
inet_ntoa
accept
listen
getpeername
inet_addr
ntohs
WSAStartup
WSACleanup
gethostbyname
recv
send
ntohl

urlmon

ObtainUserAgentString

Exports

Exports

?unzip@@YAPAXPADPAK@Z
InstallHook
_WorkProc@4
__mp@4

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a28f268c59f5cf81ee37b832e2c0d7e5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

shlwapi

rpcrt4

ws2_32

urlmon

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 73KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 73KB - Virtual size: 73KB

.reloc
Size: 6KB - Virtual size: 6KB