2892503a706f66384bc09968196f7d70_NeikiAnalytics[.]exe

General

Target

2892503a706f66384bc09968196f7d70_NeikiAnalytics.exe
Size

31KB
MD5

2892503a706f66384bc09968196f7d70
SHA1

c1de4425447c968658616c22fd5f7641b3f717b2
SHA256

97ba8efcc8429d16db03f5fcc8bdbd24ca33fcf691eb3a9ecd4629a9b2ea5c5b
SHA512

86dfd99b20bef6b91413524b66b5c95c58eb440ae85872d0f274eb899e4d5f17889a3970a5cd561c02015b4ca762d10551315bf9f44681bbefdf7d3be7331ad0
SSDEEP

384:DgxKuKb2mt7yW94jr9T62NfOBq8t6+juqYsRLsQ+92i7:DgkJ2mt2rB/RwLYtY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2892503a706f66384bc09968196f7d70_NeikiAnalytics.exe

Files

2892503a706f66384bc09968196f7d70_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

8f222712f560aea44de31ee359154814

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsAlloc
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
UnmapViewOfFile
IsDBCSLeadByteEx
GetACP
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
CloseHandle
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetModuleFileNameA
GetCPInfo
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
DeleteCriticalSection
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapFree
VirtualAlloc
VirtualFree
WriteFile
EnterCriticalSection
LeaveCriticalSection
HeapAlloc

winspool.drv

GetPrinterDriverA
DeviceCapabilitiesA
OpenPrinterA
ClosePrinter

Exports

Exports

DllMain
FreeExclusive
GetCommandBase
GetCommandChange
GetCommandValue
GetDependDllName
GetDriverDevmode
GetDriverIniFileName
GetExclusive
GetPrinterOption
GetPrinterValue
GetWaterMarkList
SetCommandBase
UpdateCommand

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f222712f560aea44de31ee359154814

Headers

File Characteristics

Imports

kernel32

winspool.drv

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 1024B - Virtual size: 776B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 1KB - Virtual size: 1KB