722fbec1677ea48fcd8dffee1141b6a0_NeikiAnalytics[.]exe

General

Target

722fbec1677ea48fcd8dffee1141b6a0_NeikiAnalytics.exe
Size

218KB
MD5

722fbec1677ea48fcd8dffee1141b6a0
SHA1

3cfa16f5dd85459aa2ff207f776ea957a5bea489
SHA256

e9be0a7e63c144148783206fa30dca5350c11abccbb82482e2e536bd51c8f7b8
SHA512

5330c683863ccbf419489277371cdc9ad53318b9be8ec50ea501dd611f14b610ccb710268058cdafbcbd229234ce4de524a6df71f9b01654abbbe8eec5981ee1
SSDEEP

3072:ACuJTRZt+JVZddeiRcOSfRSpyTfYa42/YTVxfenYy5rWQWaM:6/+PtNGlTv42/YTVxfenbM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
722fbec1677ea48fcd8dffee1141b6a0_NeikiAnalytics.exe

Files

722fbec1677ea48fcd8dffee1141b6a0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

a2ef535a18298a52b282c124a1ff9dcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
SetThreadPriority
GetCurrentThread
IsBadReadPtr
ReadFile
WriteFile
SetFilePointer
GetFileSize
FindNextFileA
CloseHandle
SetLastError
CreateFileA
GetLastError
FindFirstFileA
SetEndOfFile
FindClose
HeapFree
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetCommandLineA
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
GetConsoleCP
FlushFileBuffers
SetStdHandle
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
LoadLibraryA
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
HeapSize
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcessHeap

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2ef535a18298a52b282c124a1ff9dcb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 21KB - Virtual size: 33KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 21KB - Virtual size: 33KB

.rsrc
Size: 512B - Virtual size: 436B