647ddb8574f646a7c5ad51734c71c9e0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

647ddb8574f646a7c5ad51734c71c9e0_NeikiAnalytics.exe
Size

180KB
MD5

647ddb8574f646a7c5ad51734c71c9e0
SHA1

9e9e4806ddfbb430bc4bb90a324cf5d94d189014
SHA256

c39c3b51d5abf4935aa23e5bafbccc461c7e6f57f7c2ddd0817539e27622a1b8
SHA512

1881a6bf02b1604b33cae27a0779982b86c33adfbe0a7970b57cd7051e4bbc113422feb423ca05e1795c4bdd1414b488ea1e0d9c7a026ac6e285d39bc763ca11
SSDEEP

3072:QLzZlJYivewFAyJw9HcAg0Fu/BtkB6DC:mlJYimwp48AOYB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
647ddb8574f646a7c5ad51734c71c9e0_NeikiAnalytics.exe

Files

647ddb8574f646a7c5ad51734c71c9e0_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

07043d4f42d5b91e41290725d095aba1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Current\MxProjectOld\release\MxSetupApi.pdb

Imports

kernel32

lstrlenA
WideCharToMultiByte
CompareStringW
MultiByteToWideChar
InterlockedExchange
GetLastError
CompareStringA
CreateFileA
CloseHandle
CopyFileA
GetModuleHandleA
GetSystemInfo
OpenEventA
SetEvent
GetFileSize
ReadFile
SetFilePointer
WriteFile
GetFileSizeEx
SetLastError
GetTempPathA
GetTempFileNameA
lstrcatA
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
GetPrivateProfileStringA
GetVersionExA
OutputDebugStringA
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
DeleteFileA
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32Next
lstrcmpiA
GetProcAddress
lstrcpyA
Process32First
CreateToolhelp32Snapshot
LoadLibraryA
GetCurrentProcess
SetFilePointerEx
GetStringTypeW
GetFileType
SetHandleCount
GetTimeZoneInformation
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCurrentThreadId
GetCommandLineA
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
ExitProcess
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
LCMapStringW
GetStartupInfoA

user32

UnregisterClassA
GetSystemMetrics

advapi32

QueryServiceStatus
RegOpenKeyExA
DeleteService
ControlService
StartServiceA
RegCloseKey
RegQueryValueExA
CreateServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA

shlwapi

PathFileExistsA

ws2_32

WSAStartup
WSACleanup

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA

iphlpapi

GetAdaptersInfo

Exports

Exports

MxClearOldVersion
MxDriverInstall
MxFindProc
MxKillProc
MxTrySetup
MxUpdateConfig

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07043d4f42d5b91e41290725d095aba1

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shlwapi

ws2_32

wininet

iphlpapi

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 9KB