1e936194d12a10f40f3afb15c376c180_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1e936194d12a10f40f3afb15c376c180_NeikiAnalytics.exe
Size

24KB
MD5

1e936194d12a10f40f3afb15c376c180
SHA1

d5c1dd1eb9c4842ff028ffb80eb421f6f9fc7245
SHA256

4a4f245edec22254080a787716543fe6a6c857d9ec3c5a4dfe74e957e1ab2c06
SHA512

4206f3b6aff056f9c4fb2c254ca9149e321452d7674e5bce8425bad10cf9f45aecb3f022fce18dc92b84f3f220fdb88300abfc517a4b772efbe71d7774e070f2
SSDEEP

384:yD1bWUdEr4927UhQoVO64kOF6QJ25D2giorDP6Pg4nQUsLWRnh8:j4gTlkqk5D2+yLnQUsgh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e936194d12a10f40f3afb15c376c180_NeikiAnalytics.exe

Files

1e936194d12a10f40f3afb15c376c180_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

d76594670cc51eab268e4570f3dd0576

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfA

kernel32

SMapLS_IP_EBP_32
SMapLS_IP_EBP_36
SMapLS_IP_EBP_8
FT_Exit32
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_24
SMapLS_IP_EBP_20
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SUnMapLS_IP_EBP_24
SUnMapLS_IP_EBP_32
SUnMapLS_IP_EBP_36
SUnMapLS_IP_EBP_8
FT_Thunk
SUnMapLS
SMapLS_IP_EBP_12
SMapLS
ThunkConnect32
SUnMapLS_IP_EBP_20
TlsAlloc
GetModuleFileNameA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
InitializeCriticalSection
VirtualAlloc
LeaveCriticalSection
LoadLibraryA
HeapAlloc
HeapFree
SetStdHandle
FlushFileBuffers
CloseHandle
SetFilePointer
SMapLS_IP_EBP_32
SMapLS_IP_EBP_36
SMapLS_IP_EBP_8
FT_Exit32
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_24
SMapLS_IP_EBP_20
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SUnMapLS_IP_EBP_24
SUnMapLS_IP_EBP_32
SUnMapLS_IP_EBP_36
SUnMapLS_IP_EBP_8
FT_Thunk
SUnMapLS
SMapLS_IP_EBP_12
SMapLS
ThunkConnect32
SUnMapLS_IP_EBP_20
TlsAlloc
GetModuleFileNameA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
InitializeCriticalSection
VirtualAlloc
LeaveCriticalSection
LoadLibraryA
HeapAlloc
HeapFree
SetStdHandle
FlushFileBuffers
CloseHandle
SetFilePointer

advapi32

RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey

Exports

Exports

EnumerateDisplayDevice32
GetClassDevices
GetMinMaxRefresh
ICT_ThunkData32
SwitchDesktopANDColorDepths

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76594670cc51eab268e4570f3dd0576

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 9KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB