637dd5117516810a732c7bd92b448a30_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

637dd5117516810a732c7bd92b448a30_NeikiAnalytics.exe
Size

432KB
MD5

637dd5117516810a732c7bd92b448a30
SHA1

3bed127806d5f6fa3bb961a635ba2ed180fc09fe
SHA256

9c942d6458a9460ecad40904207630e234721af448559b26953f571de108cb98
SHA512

f2349d707926d8d9140f1d4e5003a63afe17034fe2aac350b73c07fd5e29467c1fbe86cfe8bfd9591bb807aac6b492e280aa1429afd350cfc439489b7af8ca91
SSDEEP

6144:MQziX0WRRoHpiIoLTDZ7ZWjaRcD7KFMh1VKVwVXasCoKySQXMY9:MRdNLJ7ZBMVKVwVXayXr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
637dd5117516810a732c7bd92b448a30_NeikiAnalytics.exe

Files

637dd5117516810a732c7bd92b448a30_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

f3574ef5f579c8f3676358a007197afa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
_setjmp3
sprintf
exit
longjmp

kernel32

DisableThreadLibraryCalls
FreeLibrary
GetSystemTime
LocalAlloc
LocalFree
InterlockedExchange
GetCommandLineA
GetModuleHandleA
GetLastError
GetProcAddress
LoadLibraryA
Sleep

user32

MessageBoxA
CharUpperA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

UR2CI100
_mFdllinfo

Sections

.text
Size: 408KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 845B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ