14c127015d3c728d921a9e0fb92f8bf0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

14c127015d3c728d921a9e0fb92f8bf0_NeikiAnalytics.exe
Size

466KB
MD5

14c127015d3c728d921a9e0fb92f8bf0
SHA1

89fbf984aba2ef1685255c92e2db5cefbdfe71cb
SHA256

7451f64ee965e71fbfeb5e18a17fcf3c4ebc5212b050e296a4a53b91162c68de
SHA512

18ea14f6553e95629b79e5f5be29433290a9e5007cbc522b586b2375b551e4a7d8f914eac43f3e8e7ce65e3b0cf478fcb215f5bc0f77aa464d16686558d4ca89
SSDEEP

6144:/Q9r7XMZc6RImcg7jwuXUPEEhqUugjTgXcNnC34Bl:/Er7c26RPcKBUugjsA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c127015d3c728d921a9e0fb92f8bf0_NeikiAnalytics.exe

Files

14c127015d3c728d921a9e0fb92f8bf0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

3caa9c24ac91d2ee13295d21f71a6636

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\a\xash3d-fwgs\xash3d-fwgs\build\game_launch\xash3d.pdb

Imports

user32

MessageBoxA

shell32

CommandLineToArgvW

kernel32

GetModuleFileNameW
CreateFileW
CloseHandle
DecodePointer
GetCommandLineW
LoadLibraryExA
GetLastError
LoadLibraryA
GetProcAddress
LocalFree
FreeLibrary
FormatMessageA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
ReadConsoleW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
EncodePointer
RaiseException
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
WriteConsoleW
WideCharToMultiByte
GetCurrentThread
HeapFree
HeapAlloc
GetFileType
OutputDebugStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTempPathW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetProcessHeap
SetConsoleCtrlHandler
GetFileSizeEx
SetFilePointerEx
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3caa9c24ac91d2ee13295d21f71a6636

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

shell32

kernel32

Exports

Exports

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 2KB - Virtual size: 24KB

.rsrc Size: 120KB - Virtual size: 119KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 24KB

.rsrc
Size: 120KB - Virtual size: 119KB

.reloc
Size: 9KB - Virtual size: 8KB