7b5a79d0a46bb286f8c04342f4359a60_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7b5a79d0a46bb286f8c04342f4359a60_NeikiAnalytics.exe
Size

241KB
MD5

7b5a79d0a46bb286f8c04342f4359a60
SHA1

305fdd7fbc86e0ac7246d6482dd213930518d899
SHA256

ee686ddd9126710f429211dfd9a068c7209587a00be516b22be1fa2fe75dd4ad
SHA512

5894b2d1be29e2d0fec4be684566517af78e2b258500f4519408369c32b0446c32599e0b503589a6928e4785484f56ba0fe72dd30ddc80a63a07e1820a322221
SSDEEP

3072:in5L1Q3Tn9PdkT+q8qE/vVP9Kse6EmFMwoemVceTBUJqtkUxRWko8XVQmsSKIwZL:Kepcd8L3KQi5emVceTBfWGRN1sSKShKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b5a79d0a46bb286f8c04342f4359a60_NeikiAnalytics.exe

Files

7b5a79d0a46bb286f8c04342f4359a60_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

04055ee6150ee602bbbd2df37d0ff8b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
VirtualProtect
SetThreadContext
FlushFileBuffers
SetFileShortNameA
GetTickCount
CreateMailslotA
GetMailslotInfo
FlushViewOfFile
UnmapViewOfFile
GetModuleFileNameA
GetModuleHandleA
WriteProfileSectionW
SetDefaultCommConfigA
SetConsoleMode
GetConsoleCP
SetConsoleCP
GetConsoleOutputCP
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineW
IsProcessorFeaturePresent
GetLastError
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapSize
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
SetLastError
GetCurrentThreadId
GetProcessHeap
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
ReadFile
GetConsoleMode
ReadConsoleW
OutputDebugStringW
GetStringTypeW
SetStdHandle
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
SetEndOfFile

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04055ee6150ee602bbbd2df37d0ff8b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 7KB - Virtual size: 7.1MB

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 7KB - Virtual size: 7.1MB

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 5KB - Virtual size: 4KB