94e8c39f7ccf8c28ec057ab9dfdec260_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

94e8c39f7ccf8c28ec057ab9dfdec260_NeikiAnalytics.exe
Size

143KB
MD5

94e8c39f7ccf8c28ec057ab9dfdec260
SHA1

608455f1ef3715828334d174757ee3605f936991
SHA256

a6f0aafa571ad3de29247d3038e1fa852321914e9acaa0f3d262ee570f436791
SHA512

334ca2d4527333b32a9a5c92da7eb3617b769813faa9a633c350fcedc5566e689fa98410c35716e6415bce8ff9401e256ad426b2681ee3db18e0da5ae7d76d4b
SSDEEP

3072:wfjJO3/VQxB3QGlhQ2OhcQfqQAzyQHrMj:xdYQGlh6fq7zyQYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94e8c39f7ccf8c28ec057ab9dfdec260_NeikiAnalytics.exe

Files

94e8c39f7ccf8c28ec057ab9dfdec260_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

c5fad9b4826655fa97fe0459756d0739

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\850AccuMark Build Tools\silclean\Release\silclean.pdb

Imports

kernel32

GetSystemDirectoryA
GetModuleFileNameA
GetLastError
DeleteFileA
GetFileAttributesA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetCurrentThread
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetStringTypeW
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapFree
Sleep
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
RtlUnwind
IsProcessorFeaturePresent
HeapAlloc
HeapReAlloc
HeapSize

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5fad9b4826655fa97fe0459756d0739

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 76KB - Virtual size: 80KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 76KB - Virtual size: 80KB