524a5847fb49e998dbcccdb56fda70a0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

524a5847fb49e998dbcccdb56fda70a0_NeikiAnalytics.exe
Size

2.0MB
MD5

524a5847fb49e998dbcccdb56fda70a0
SHA1

e45bacc9e88a7b361e3718783342bfa1e4652f1b
SHA256

1ec503a7b7644612fc6ba3adbc3ce9752f246038fc50905032c73729cdd2a9c0
SHA512

6b52c9f38074db1a89385fa77ede8914fc6ac151120e84c2c8c3a045802a2c4f6f66a2be580773ef6133788ceeac37e787c1876111f0ea63b083a5710d921fbd
SSDEEP

49152:YS4cOdObwKoxyYjG/VfiHu0fCWCm432/dzt/2MaUY5KO:FPOdOwx966O0fLCyX2MaUY5KO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
524a5847fb49e998dbcccdb56fda70a0_NeikiAnalytics.exe

Files

524a5847fb49e998dbcccdb56fda70a0_NeikiAnalytics.exe
.exe windows:4 windows x64 arch:x64

dfd97891103eee1d057c7ad235e7b7e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Imports

msys-iconv-2

libiconv
libiconv_close
libiconv_open
locale_charset

msys-intl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_setlocale
libintl_textdomain

msys-2.0

__assert_func
__cxa_atexit
__errno
__getreent
__main
_dll_crt0
_exit
_impure_ptr
abort
accept
access
alarm
atoi
atol
basename
bind
bsearch
calloc
chdir
chmod
clock_gettime
close
closedir
connect
cygwin_conv_path
cygwin_internal
dirname
dll_dllcrt0
dup
dup2
environ
execve
execvp
exit
fclose
fcntl
fdopen
fflush
fgets
fileno
flockfile
fopen
fork
fprintf
fputc
fputs
fread
free
freeaddrinfo
freopen
fseek
fstat
fsync
ftell
ftruncate
funlockfile
fwrite
gai_strerror
getaddrinfo
getc_unlocked
getcwd
getdelim
getenv
geteuid
getgrnam
gethostname
getnameinfo
getpagesize
getpgid
getpid
getpwnam
getpwuid
getrlimit
gettimeofday
getuid
gmtime_r
inet_ntop
initgroups
ioctl
isatty
kill
link
listen
localtime_r
lseek
lstat
malloc
memchr
memcmp
memcpy
memmem
memmove
memset
mkdir
mkdtemp
mkstemp
mktime
mmap
msys_detach_dll
munmap
open
opendir
openlog
perror
pipe
poll
posix_memalign
pread
printf
pthread_create
pthread_equal
pthread_exit
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_init
pthread_mutexattr_settype
pthread_self
pthread_setcancelstate
pthread_setspecific
pthread_sigmask
putc
putchar
puts
qsort
raise
rand
read
readdir
readlink
realloc
regcomp
regerror
regexec
regfree
rename
rmdir
setenv
setgid
setitimer
setsid
setsockopt
setuid
setvbuf
shutdown
sigaction
sigaddset
sigemptyset
sigfillset
signal
sigprocmask
sleep
snprintf
socket
srand
sscanf
stat
strcasecmp
strcasestr
strchr
strcmp
strcspn
strdup
strerror
strftime
strlcpy
strlen
strncasecmp
strncmp
strpbrk
strrchr
strspn
strstr
strtoimax
strtol
strtoul
strtoumax
symlink
sysconf
syslog
tcgetpgrp
umask
uname
uname_x
ungetc
unlink
utime
vfprintf
vprintf
vsnprintf
waitpid
write

msys-pcre2-8-0

pcre2_code_free_8
pcre2_compile_8
pcre2_compile_context_create_8
pcre2_compile_context_free_8
pcre2_config_8
pcre2_general_context_create_8
pcre2_general_context_free_8
pcre2_get_error_message_8
pcre2_get_ovector_pointer_8
pcre2_jit_compile_8
pcre2_jit_match_8
pcre2_maketables_8
pcre2_maketables_free_8
pcre2_match_8
pcre2_match_data_create_from_pattern_8
pcre2_match_data_free_8
pcre2_pattern_info_8
pcre2_set_character_tables_8

msys-z

compress2
crc32
deflate
deflateBound
deflateEnd
deflateInit2_
deflateInit_
inflate
inflateEnd
inflateInit2_
inflateInit_
inflateReset

kernel32

GetModuleHandleA
GetModuleHandleW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfd97891103eee1d057c7ad235e7b7e5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msys-iconv-2

msys-intl-8

msys-2.0

msys-pcre2-8-0

msys-z

kernel32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.data Size: 29KB - Virtual size: 29KB

.rdata Size: 247KB - Virtual size: 247KB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 54KB - Virtual size: 54KB

.xdata Size: 60KB - Virtual size: 59KB

.bss Size: - Virtual size: 84KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 29KB - Virtual size: 29KB

.rdata
Size: 247KB - Virtual size: 247KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 54KB - Virtual size: 54KB

.xdata
Size: 60KB - Virtual size: 59KB

.bss
Size: - Virtual size: 84KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB