30f4e3c87c57375193c848622c65a770_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

30f4e3c87c57375193c848622c65a770_NeikiAnalytics.exe
Size

2.0MB
MD5

30f4e3c87c57375193c848622c65a770
SHA1

57526d5ef3848374cb583dc1ee007017e1cdd367
SHA256

a8ca3436e6dc99689b6c7d941b4cc01d0d64df49c9e72d79fb289f6638e7df59
SHA512

d39a9293e79dd0031c5128185cb4ede7997c6a88ae661966481065d9ef91f20d763a588014d63dcccedf06e4b03bb19f698f331e790e704eab907a5eddeab2a6
SSDEEP

49152:6l20i8Ewu1R1v0njTDQRyGw0AVYDea9mi:F0R4p0nfDQnDea9mi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f4e3c87c57375193c848622c65a770_NeikiAnalytics.exe

Files

30f4e3c87c57375193c848622c65a770_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

84399b5970253b8a34d4dbb90a05e4ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegGetValueW
RegCloseKey
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegOpenKeyExA

kernel32

GetFileType
WriteConsoleW
GetCurrentProcess
LeaveCriticalSection
LoadLibraryW
GetProcAddress
EnterCriticalSection
InitializeCriticalSection
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
SetErrorMode
RtlCaptureContext
GetCurrentThread
GetCurrentThreadId
GetLastError
GetCurrentProcessId
CloseHandle
ExpandEnvironmentStringsW
SetLastError
GetEnvironmentVariableW
GetNativeSystemInfo
GetProcessTimes
GetCommandLineW
FindFirstFileW
FindNextFileW
FindClose
GetModuleFileNameW
GetLongPathNameW
GetConsoleMode
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetSystemTimeAsFileTime
GetModuleHandleW
GetFileAttributesW
CreateFileW
GetCurrentDirectoryW
CreateDirectoryW
SetCurrentDirectoryW
GetVolumePathNameW
GetDriveTypeW
GetFinalPathNameByHandleW
Sleep
GetFileInformationByHandle
MoveFileExW
SetFileTime
CreateFileMappingW
MapViewOfFile
VirtualQuery
DuplicateHandle
UnmapViewOfFile
FlushFileBuffers
GetSystemInfo
FindFirstFileExW
GetSystemTime
SystemTimeToFileTime
SetFileInformationByHandle
ReadFile
MultiByteToWideChar
WideCharToMultiByte
RaiseException
WaitForSingleObject
CreateProcessW
CreateJobObjectW
SetInformationJobObject
AssignProcessToJobObject
SetProcessAffinityMask
ResumeThread
TerminateProcess
K32GetProcessMemoryInfo
GetExitCodeProcess
SearchPathW
FormatMessageA
LocalFree
VirtualProtect
FreeLibrary
LoadLibraryExA
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
InitializeSListHead
InitOnceBeginInitialize
InitOnceComplete
InitializeCriticalSectionAndSpinCount

msvcp140

?_Xbad_function_call@std@@YAXXZ
?_Raise_handler@std@@3P6AXABVexception@stdext@@@ZA
?_Xlength_error@std@@YAXPBD@Z
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPBDH@Z
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Mtx_init_in_situ
?_Xout_of_range@std@@YAXPBD@Z
_Mtx_destroy_in_situ
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z

vcruntime140

__std_exception_destroy
_CxxThrowException
__current_exception_context
__current_exception
__CxxFrameHandler3
strchr
memchr
memset
_purecall
memcmp
memmove
memcpy
_except_handler4_common
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

_set_new_mode
realloc
malloc
free
calloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

abort
exit
_invoke_watson
_invalid_parameter_noinfo_noreturn
_controlfp_s
terminate
_set_error_mode
_set_abort_behavior
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
signal
_seh_filter_exe
_set_app_type
_errno
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
_register_thread_local_exe_atexit_callback
__p___argc
__p___argv
_c_exit

api-ms-win-crt-string-l1-1-0

isupper
wcslen
tolower
strnlen
islower
isalnum
strncmp
strcmp
toupper
isalpha
strlen

api-ms-win-crt-utility-l1-1-0

qsort
rand
srand
_byteswap_ushort

api-ms-win-crt-stdio-l1-1-0

__p__commode
_open_osfhandle
__acrt_iob_func
_lseek
_write
_close
fflush
_set_fmode
_get_osfhandle
_fileno
_lseeki64
__stdio_common_vsprintf
_setmode

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

log10
ceil
__setusermatherr

api-ms-win-crt-time-l1-1-0

_localtime64
_time64
asctime

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 612KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

84399b5970253b8a34d4dbb90a05e4ed

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcp140

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 199KB - Virtual size: 198KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 612KB - Virtual size: 616KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 199KB - Virtual size: 198KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 612KB - Virtual size: 616KB