424878e4ac2770d7cad3e37365b01da0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

424878e4ac2770d7cad3e37365b01da0_NeikiAnalytics.exe
Size

14KB
MD5

424878e4ac2770d7cad3e37365b01da0
SHA1

1bba6e6629eed2a740a88c2527c9c28907cbb236
SHA256

c40775ca131624eb23ac740fb846d3644dd20be0356344e5805b089780b0459c
SHA512

120e865084a09d26e1dd107c4ce4a8e82485627106913697422fc3e0b0fe03c77ba4290b9b7ec835473bb8b61eb92f367f2a85f7cf743c48c8c2812c6d390642
SSDEEP

384:AF3BUqOR3Te10wR8JNNjbJbnjl3wP4s+n5d:YF8Te1h8vXdgA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
424878e4ac2770d7cad3e37365b01da0_NeikiAnalytics.exe

Files

424878e4ac2770d7cad3e37365b01da0_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

4bda962f33f66d82341e67fd54193f61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutWrite
waveOutOpen
waveOutClose
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutGetErrorTextA

user32

PostThreadMessageA
GetMessageA

python38

PyBuffer_Release
PyLong_FromUnsignedLongLong
PyMem_RawFree
_Py_TrueStruct
PyGILState_Ensure
PyMem_RawMalloc
PyGILState_Release
_Py_NoneStruct
PyErr_SetString
PyExc_ValueError
_Py_FalseStruct
PyModule_AddObject
PyObject_GetBuffer
PyModule_Create2
PyErr_NewException
PyArg_ParseTuple
PyEval_InitThreads

kernel32

SetUnhandledExceptionFilter
CloseHandle
GetLastError
FormatMessageA
CreateMutexA
WaitForSingleObject
ReleaseMutex
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
CreateThread

vcruntime140

memset
_except_handler4_common
__std_type_info_destroy_list
memcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initterm
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initialize_onexit_table
_initterm_e

Exports

Exports

PyInit__simpleaudio

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bda962f33f66d82341e67fd54193f61

Headers

DLL Characteristics

File Characteristics

Imports

winmm

user32

python38

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1024B - Virtual size: 620B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1024B - Virtual size: 620B