421172634539c2c45ad3fb7c87bb0660_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

421172634539c2c45ad3fb7c87bb0660_NeikiAnalytics.exe
Size

129KB
MD5

421172634539c2c45ad3fb7c87bb0660
SHA1

9a1e68ea5e8d43ec88893d489ac9d19146978f07
SHA256

21e12d5a154b0dae5620f40b2d9a6299b5a879137a6cc9be2b825b2949e42366
SHA512

7b7031afa36079f4654dbec409b17ea567b83eb9fbc839c4ac2fd8c0ce95d6eebcd473e89b97b3ccb2cb31559cf4df125b28c460dd774e92155569e3bcdd2c0d
SSDEEP

3072:MTvSv1Oa4F4azgQuEAA47dqFA3jjEv0E3:MeoS5DTZqFAz07

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421172634539c2c45ad3fb7c87bb0660_NeikiAnalytics.exe

Files

421172634539c2c45ad3fb7c87bb0660_NeikiAnalytics.exe
.exe windows:0 windows x64 arch:x64

89c22f320ed3d7a3db0844d0098b5e8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

kernel32

FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleW
GetSystemTimeAsFileTime
GetThreadLocale
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExA
LocalFree
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

vcruntime140

_CxxThrowException
__C_specific_handler
__CxxFrameHandler3
__current_exception
__current_exception_context
__std_exception_copy
__std_exception_destroy
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
_c_exit
_cexit
_configure_narrow_argv
_crt_atexit
_exit
_get_initial_narrow_environment
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
exit
terminate

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__stdio_common_vfprintf
__stdio_common_vsprintf
_set_fmode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
free
malloc

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-string-l1-1-0

strlen
strncpy

api-ms-win-crt-environment-l1-1-0

getenv

Sections

.itext
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 14KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 140B

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.code
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89c22f320ed3d7a3db0844d0098b5e8a

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-environment-l1-1-0

Sections

.itext Size: 88KB - Virtual size: 87KB

.isrc Size: 16KB - Virtual size: 15KB

.bss Size: 14KB - Virtual size: 30KB

.didata Size: 2KB - Virtual size: 2KB

.text Size: 512B - Virtual size: 56B

.rsrc Size: 512B - Virtual size: 140B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 688B

.code Size: 1024B - Virtual size: 4KB

.itext
Size: 88KB - Virtual size: 87KB

.isrc
Size: 16KB - Virtual size: 15KB

.bss
Size: 14KB - Virtual size: 30KB

.didata
Size: 2KB - Virtual size: 2KB

.text
Size: 512B - Virtual size: 56B

.rsrc
Size: 512B - Virtual size: 140B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 688B

.code
Size: 1024B - Virtual size: 4KB