285e4995640685c7a25ca47aee1d5f50_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

285e4995640685c7a25ca47aee1d5f50_NeikiAnalytics.exe
Size

277KB
MD5

285e4995640685c7a25ca47aee1d5f50
SHA1

d329931a5e35ef98f0e222bab2bf598640dfeb4e
SHA256

34f751842f1ebe92a475075be17b61f16bb5087e4c721d900c040a28e6def345
SHA512

20881341df93540422f8a5bd9ca6cdd1f97d37f4944e8426de82c8b9f9f7511adf110a45462edd5ca03a38cb6500881943b85629a7a669fbc1e49d0a05e1fd41
SSDEEP

6144:Ljvt0Gu119td6Ax0Pp7Lbr7uv7zi9mvzpoaHROpeGEeq2omOmmBA1D812rolx:LjV0Gub9td6Ax0Pp7Lbr7uSQbpBGRoms

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
285e4995640685c7a25ca47aee1d5f50_NeikiAnalytics.exe

Files

285e4995640685c7a25ca47aee1d5f50_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

30f62cfc4b9c3552f55087cda19026e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\nixserver-rust-bindings\nixserver-rust-bindings\target\i686-pc-windows-msvc\release\deps\nixserver_rust_bindings.pdb

Imports

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
UnhandledExceptionFilter
GetEnvironmentVariableW
GetCurrentDirectoryW
SetLastError
ReleaseMutex
RtlCaptureContext
GetStdHandle
GetCurrentProcessId
GetCurrentThread
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetProcessHeap
HeapAlloc
HeapFree
AcquireSRWLockExclusive
HeapReAlloc
ReleaseSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
WaitForSingleObject
GetConsoleMode
GetLastError
GetModuleHandleW
FormatMessageW
MultiByteToWideChar
WriteConsoleW
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
QueryPerformanceFrequency
GetSystemTimeAsFileTime
ReleaseSRWLockExclusive
SetUnhandledExceptionFilter
CloseHandle
GetProcAddress
GetModuleHandleA
Sleep
TlsSetValue
AcquireSRWLockShared
TlsGetValue
IsProcessorFeaturePresent

ntdll

RtlNtStatusToDosError
NtWriteFile

python312

PyTuple_New
PyErr_SetString
PyErr_SetObject
PyErr_GetRaisedException
PyException_GetCause
_Py_NoneStruct
PyException_SetCause
Py_IsInitialized
PyExc_ImportError
PyGILState_Ensure
PyGILState_Release
PyInterpreterState_Get
PyInterpreterState_GetID
PyErr_SetRaisedException
PyErr_WriteUnraisable
PyObject_Repr
PyObject_Str
PyBytes_AsString
PyBytes_Size
PyList_New
PyExc_AttributeError
PyErr_GivenExceptionMatches
PyModule_GetNameObject
PyUnicode_AsEncodedString
PyType_GetQualName
PyException_GetTraceback
PyUnicode_InternInPlace
PyObject_GetAttr
PyObject_SetAttr
PyExc_SystemError
PyExc_UnicodeDecodeError
PyException_SetTraceback
PyErr_PrintEx
PyErr_NewExceptionWithDoc
PyErr_Print
PyCMethod_New
PyModule_Create2
PyExc_BaseException
PyList_Append
PyExc_TypeError
PyExc_ValueError
PyUnicode_AsUTF8AndSize
PyUnicode_FromStringAndSize
_Py_Dealloc

vcruntime140

memcpy
__CxxFrameHandler3
memcmp
_except_handler4_common
memmove
memset
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-runtime-l1-1-0

_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_initterm_e

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

PyInit_nixserver_rust_bindings

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30f62cfc4b9c3552f55087cda19026e4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ntdll

python312

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 219KB - Virtual size: 218KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 219KB - Virtual size: 218KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 9KB