456faaaa7c30b4f15bcfd7f5a444e980_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

456faaaa7c30b4f15bcfd7f5a444e980_NeikiAnalytics.exe
Size

193KB
MD5

456faaaa7c30b4f15bcfd7f5a444e980
SHA1

4cf02869184207fc2642511086bf6b4da5569757
SHA256

0f76c9f7e18f79fd06057455abffe6a4e24b9d990e0f82ec5c3cfc7b238454a7
SHA512

01ac869fdb9fc9ca007c4ac5c7db9735159ed774a8dc5ffa34e722b4b42c54a6e9699ae6806330415992700d4993bf718cae988c4e4ef6262216f3768c571510
SSDEEP

3072:Q9isvBq7UyntCbvZg9fZTbpKSBg7GE5OtCWnfs25DuUXOJx8X:Q9fB2obvOZTtBBg7GBCWnpX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
456faaaa7c30b4f15bcfd7f5a444e980_NeikiAnalytics.exe

Files

456faaaa7c30b4f15bcfd7f5a444e980_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

49243da65777aa40d71712f25e529629

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Programming\GitHome\support-projects\luaffi\ffi.pdb

Imports

lua51

lua_next
lua_setfenv
lua_newuserdata
lua_getmetatable
lua_tolstring
lua_isstring
lua_isuserdata
luaL_checkstack
lua_insert
lua_rawequal
lua_error
luaL_pushresult
luaL_prepbuffer
luaL_addstring
lua_typename
luaL_addvalue
lua_pushfstring
luaL_buffinit
lua_pushlightuserdata
lua_topointer
lua_tonumber
lua_toboolean
lua_tointeger
lua_replace
lua_pcall
luaL_checktype
luaL_argerror
lua_gettable
lua_pushstring
luaL_checkinteger
luaL_checklstring
lua_pushinteger
lua_pushvfstring
lua_concat
lua_isnumber
lua_rawget
lua_setfield
lua_setmetatable
lua_type
lua_pushvalue
luaL_ref
lua_rawseti
lua_getfenv
luaL_unref
lua_createtable
lua_pushlstring
lua_pushcclosure
lua_gettop
lua_rawset
lua_pushboolean
lua_pushnil
lua_remove
lua_getfield
lua_tocfunction
lua_objlen
lua_rawgeti
lua_touserdata
lua_settop
luaL_error
lua_pushnumber
lua_call
luaL_checknumber

msvcrt

_mbsdec
_ismbblead
_XcptFilter
_initterm
_amsg_exit
calloc
isdigit
isspace
mbtowc
__mb_cur_max
isleadbyte
isxdigit
localeconv
_unlock
_iob
_lock
_snprintf
_itoa
wctomb
ferror
iswctype
wcstombs
__dllonexit
_onexit
__badioinfo
__pioinfo
_read
_fileno
_lseeki64
_write
_isatty
ungetc
strchr
strtol
strtoul
malloc
_fmode
memchr
_CIpow
memcpy
sprintf
_assert
memmove
memset
free
realloc
_pwctype
__lc_collate_cp
_wcsupr
_wcslwr
_strupr
_strlwr
_ecvt
_gcvt
_mbsupr
_errno
_mbslwr
__CxxFrameHandler
exit

kernel32

GetLastError
SetLastError
GetProcAddress
VirtualAlloc
FlushInstructionCache
GetCurrentProcess
VirtualFree
LoadLibraryA
GetModuleHandleExA
GetModuleHandleA
GetSystemInfo
OutputDebugStringA
RtlUnwind
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersion
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect

Exports

Exports

luaopen_ffi

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49243da65777aa40d71712f25e529629

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

lua51

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 17KB - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 17KB - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 5KB