1acc9363af9f2ac114090708132125e0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1acc9363af9f2ac114090708132125e0_NeikiAnalytics.exe
Size

154KB
MD5

1acc9363af9f2ac114090708132125e0
SHA1

08ce6db02df3c4d81861d655de6930b2d6582509
SHA256

e0da26b9bb4e3225687e6c585f81c2fadb1ee2bd016508843137c5d44240f933
SHA512

6f83a9d980903fd88196a72b6754e4d8c4c405cde894d4abaca1aa9b2a804f79dee2b11b65d47a4bc0e10974581164fc1b570714b46c33451ec2c3301402f932
SSDEEP

3072:C3G7TmwYY8gdzWWnnRX4aSiS81Z7Gz2B:qGewYlwqWn5VSiSigo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1acc9363af9f2ac114090708132125e0_NeikiAnalytics.exe

Files

1acc9363af9f2ac114090708132125e0_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

80aa3465b6215aa194b9589c36e4598c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

x_funms

X_Get_Text_String
X_Trace
X_Trace_Fun
X_Save_Remembered_Values
X_Deallocate_Lists
X_Clear_Exchange_List
X_Compare_Identical_SorP
X_Compute_Keys
X_Sort_List
X_Vec_Get_as_Double
X_Vec_Set_from_Double
X_Terminate_Component_Routine
X_LANSAX_Services
X_Start_Component_Routine
X_Vec_Set_from_Long
X_Vec_Get_as_Long
X_Exchange_Vector_Value
X_XENV_Query_Setting
X_Destroy_Sorted_Vector_List
X_Destroy_List_Instances
X_Vec_Set_from_SysVar
X_Allocate_Lists
X_Reset_Function_Mode
X_Create_List_Instances_2
X_Receive_Exchange_List
X_Fatal_Error

x_pdfms

XX_PDF_Free_Memory_Heap
X_PDF_Execute_IO_Module
XX_PDF_Allocate_Memory_Heap
X_PDF_HeapListInsert
X_PDF_HeapListRemove

x_bifms

X_BuiltIn_003
X_BuiltIn_002
X_BuiltIn_222
X_BuiltIn_077

x_var

X_VAR_VarChar_SetFromVchar
X_VAR_VarChar_SetFromFixedChar
X_VAR_VarChar_GetAsFixedChar
X_VAR_EvaluateExpression
X_VAR_VarChar_StringCompare
X_VAR_VarChar_Release
X_VAR_VarChar_Assign

msvcr90

_stricmp
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
sprintf
memcmp
strncpy
memcpy
memset
strcmp
strcpy

kernel32

IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep

Exports

Exports

COMP_Get_Module_Info
X_GetIdentificationPtr
X_Run_Function_S5DDSENT
X_Run_Process_S5DDSENT

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80aa3465b6215aa194b9589c36e4598c

Headers

File Characteristics

Imports

x_funms

x_pdfms

x_bifms

x_var

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 17KB - Virtual size: 19KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 17KB - Virtual size: 19KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 4KB - Virtual size: 4KB