7a152d5e19a7ff3e8cdc73bcc734c2f0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7a152d5e19a7ff3e8cdc73bcc734c2f0_NeikiAnalytics.exe
Size

831KB
MD5

7a152d5e19a7ff3e8cdc73bcc734c2f0
SHA1

cb9a2ec3fd8c84e5ec49d1dd039a998d50e5b758
SHA256

b4d76b2282a57db1d3eaadd1bbb7f3d92d99af91a46fa95f818f9fee970df5f1
SHA512

6ebf66d7d8586586061e8d73f75fb1453ee1b4521664e479ebb68e4d0ddf607a1cb9d46631e3ebdf7c136fca1db30680ab0ffe8ced36c4bd4418a965ac124022
SSDEEP

24576:kz/eZ8/BrQZSxHZz4S/QjX0ngWyUYgsevD9irGMFqrDNhja1x63:K9YU9TZ/V3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a152d5e19a7ff3e8cdc73bcc734c2f0_NeikiAnalytics.exe

Files

7a152d5e19a7ff3e8cdc73bcc734c2f0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

caf934aae8d4a2544b1e15bf8de12558

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\PROGRAM FILES\PAXPAYPRO2010\MYAPP\SP30 EMV 505\Debug\EdcTest.pdb

Imports

payprocore

ScrPlot
GetTime
PedGetPinBlock
PedGetMac
ScrSelectFont
EnumFont
PedWriteKey
OnBase
ScrSetOutput
freesize
Hash
PedVerifyPlainPin
PedVerifyCipherPin
IccIsoCommand
PortTxPoolCheck
IccInit
RSARecover
PciGetRandom
ScrDrLogoxy
IccClose
Beep
WlGetSignal
WlPppLogout
WlPppCheck
WlPppLogin
WlInit
NetSocket
SockAddrSet
NetConnect
DhcpStart
NetCloseSocket
NetRecv
Netioctl
NetSend
DhcpCheck
EthGet
DhcpStop
EthSet
PrnStatus
PrnLeftIndent
PrnSelectFont
PrnDoubleWidth
PrnDoubleHeight
PrnSpaceSet
MagClose
MagOpen
MagReset
SystemInit
kbmute
MagSwiped
MagRead
IccDetect
SetTime
ReadSN
GetTermInfo
remove
filesize
fexist
PrnStep
PrnLogo
ScrDrLogo
PiccIsoCommand
ScrFontSet
Lcdprintf
ScrGotoxy
s_GetMatrixDot
ModemAsyncGet
ModemRxd
ModemTxd
OnHook
ModemDial
ModemCheck
PortClose
PortRecv
RouteGetDefault
RouteSetDefault
PrnStart
PortSend
PrnInit
PrnFontSet
PrnStr
PortOpen
des
write
open
seek
close
read
DelayMs
Beef
GetLastError
ScrCls
kbflush
ScrSetIcon
ScrPrint
ScrClrLine
TimerSet
getkey
TimerCheck
ScrSetEcho
kbhit
StartMainWindow
SetAppInfo
SetMainStartAddr

kernel32

CloseHandle
CreateFileW
SetStdHandle
HeapQueryInformation
HeapSize
HeapReAlloc
InterlockedExchange
SetConsoleCtrlHandler
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
RtlUnwind
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
WriteFile
HeapDestroy
HeapCreate
IsBadReadPtr
HeapValidate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
ExitProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FreeLibrary
VirtualQuery
GetProcessHeap
HeapAlloc
HeapFree
GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThread
GetLastError
SetLastError
GetModuleHandleW
TlsFree
GetCurrentThreadId
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
LCMapStringW
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
LoadLibraryW
GetProcAddress
lstrlenA
RaiseException
MultiByteToWideChar
IsDebuggerPresent
WideCharToMultiByte
FlushFileBuffers

Exports

Exports

GetLoadedAppStatus

Sections

.textbss
Size: - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 543KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

caf934aae8d4a2544b1e15bf8de12558

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

payprocore

kernel32

Exports

Exports

Sections

.textbss Size: - Virtual size: 341KB

.text Size: 705KB - Virtual size: 705KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 38KB - Virtual size: 543KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 341KB

.text
Size: 705KB - Virtual size: 705KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 38KB - Virtual size: 543KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB