4e0c3fa2c0f31c6a4f02ee958b3e5030_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4e0c3fa2c0f31c6a4f02ee958b3e5030_NeikiAnalytics.exe
Size

94KB
MD5

4e0c3fa2c0f31c6a4f02ee958b3e5030
SHA1

5b8814055220f51cf2382b3200999aadf5f4614b
SHA256

d7a747de6db28b9aa0de4dba6510d0ae62dda386c8518c0ed2a31c6503a5a2da
SHA512

2e4cb57009e7d6717ffecf2a8b9bf332a3eaa65a4d6514ecf4b0806d39cfb9feb543f34e88465c36f8277eae8b0bababff6eeff4ba19b9df60ef732dbab16a30
SSDEEP

1536:Sdyql1M7wIIEuti7rEYivykYkpaWj0OlgG7mJAm/lGb3zlsH:SdV1Z1i3QKqlgGCJr/l/H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e0c3fa2c0f31c6a4f02ee958b3e5030_NeikiAnalytics.exe

Files

4e0c3fa2c0f31c6a4f02ee958b3e5030_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

d2f8b54b620a14509449dc954d3f2b8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
gethostbyname
WSAStartup
gethostname

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetCurrentProcessId
GlobalAlloc
ReadFile
GetFileSize
CreateFileA
WriteFile
GetCurrentDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
lstrcatA
lstrlenA
OpenMutexA
lstrcmpiA
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetCommandLineA
CreateProcessA
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenEventA
CopyFileA
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
OpenProcess
VirtualFree
lstrcmpA
SetFilePointer
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
SetFileTime
GetFileTime
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
DeviceIoControl
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
GetVersionExA
GetTimeZoneInformation
GetSystemDefaultLCID
ResumeThread
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetEndOfFile
GetOEMCP
LocalAlloc
LocalFree
SetEvent
CreateMutexA
GetLastError
CreateEventA
GlobalFree
CreateThread
CloseHandle
SetCurrentDirectoryA
WaitForSingleObject
Sleep
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
HeapSize
VirtualAlloc
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
VirtualQuery
InterlockedExchange
RtlUnwind
InitializeCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapAlloc
HeapFree
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

wsprintfA

advapi32

QueryServiceStatus
GetUserNameA
ControlService
CreateServiceA
StartServiceA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
SetServiceStatus

ole32

CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize

wininet

HttpQueryInfoA
InternetGetConnectedState
InternetOpenA
InternetSetCookieA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

ObtainUserAgentString

iphlpapi

GetIpAddrTable
GetNetworkParams
GetAdaptersInfo
GetIfEntry

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2f8b54b620a14509449dc954d3f2b8b

Headers

File Characteristics

Imports

ws2_32

version

kernel32

user32

advapi32

ole32

wininet

urlmon

iphlpapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 30KB - Virtual size: 36KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 30KB - Virtual size: 36KB

.rsrc
Size: 1024B - Virtual size: 984B