2c58b878e7a7c7a5430da26e14a14600_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2c58b878e7a7c7a5430da26e14a14600_NeikiAnalytics.exe
Size

63KB
MD5

2c58b878e7a7c7a5430da26e14a14600
SHA1

0809df5ff3a3645a3d6b9ce397e59b35534e4b2c
SHA256

a9d8e632fb4a0350d690ffa5c4933e3f8f82292ce374220826940bb2026d6cc3
SHA512

56f08d19cf6e7400c40875b353f05c8c5fdca9264ce1d81717b578b31130bb1e351b9aa51353827034bda16674d9b6b2c104cbb651c4e8341fca7f815b2c510c
SSDEEP

1536:4Jzq85tkqF1yhujPVCxqtiKQSH0MkOAXfdMgsCL:wq8TkqF1PtiJSH2XfvsCL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c58b878e7a7c7a5430da26e14a14600_NeikiAnalytics.exe

Files

2c58b878e7a7c7a5430da26e14a14600_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

66e090bb634b3d86529d395adb320846

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpSendRequestW
InternetConnectW
HttpOpenRequestW
InternetSetPerSiteCookieDecisionW
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenUrlW
InternetAttemptConnect
InternetClearAllPerSiteCookieDecisions
InternetReadFile
InternetSetOptionW
InternetOpenW

iphlpapi

GetIfTable

shlwapi

StrStrIA
PathMatchSpecW
PathCombineW
wvnsprintfW
PathRemoveFileSpecW
StrStrIW

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
GetFileSizeEx
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
HeapCreate
CopyFileW
CreateThread
WaitForMultipleObjects
FindClose
GetTickCount
VirtualProtect
CreateProcessW
SetUnhandledExceptionFilter
ExitProcess
CloseHandle
DeleteFileW
LoadLibraryW
GetLastError
ExpandEnvironmentStringsW
GetProcAddress
CreateDirectoryW
Sleep
FindFirstFileW
GetPrivateProfileIntW
GetPrivateProfileStringW
HeapReAlloc
GetFileSize
WriteFile
GetLocalTime
SetFilePointer
SetEndOfFile
GetVersionExW
HeapAlloc
CreateWaitableTimerW
SetWaitableTimer
FindNextFileW
SystemTimeToFileTime
HeapFree
ReadFile
GetModuleFileNameW
WaitForSingleObject
GetTimeZoneInformation
CreateFileW
VirtualQuery
VirtualFree
GetProcessHeap
GetCurrentDirectoryW
GetSystemTime
ResumeThread
VirtualAlloc
GetModuleHandleW
GetCommandLineW

user32

PeekMessageW
GetWindowLongW
DispatchMessageW
GetForegroundWindow
CharLowerW
CreateWindowExW
SetWindowLongW
SetParent
GetSystemMetrics
MessageBoxW
SetForegroundWindow
SetWindowPos
FindWindowW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoCreateInstance
OleInitialize
CoInitialize

oleaut32

SysFreeString
VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66e090bb634b3d86529d395adb320846

Headers

File Characteristics

Imports

wininet

iphlpapi

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 97KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 97KB