0cc2da3af6cd78cad86e38b9fbc01970_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0cc2da3af6cd78cad86e38b9fbc01970_NeikiAnalytics.exe
Size

268KB
MD5

0cc2da3af6cd78cad86e38b9fbc01970
SHA1

0423531c9032fe07f6ea252d3b7a76c47585b5fb
SHA256

59ce833da5979df99eaa7b24ce863f584c982473eaa6ff69a6c922f984c6ad23
SHA512

9962edf651cdffe72bf791e7b157847206be9849168dfa15f5ad8413dbc4403bd0a2eefe863ee1703bfc1accf18c34815a6d7de6bc9b62221aa62638168bbbee
SSDEEP

3072:tUVw6s7QkHs1jFLgqRzi414qcSeDBbiG3ufag3DYcC+3OhvFcKFHh0Oom/:tgPkM1xgqRG+igz5BA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cc2da3af6cd78cad86e38b9fbc01970_NeikiAnalytics.exe

Files

0cc2da3af6cd78cad86e38b9fbc01970_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

8c8f2359180ce3b04471285295f115ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

combase

PropVariantClear
PropVariantCopy
WindowsCreateString
WindowsGetStringRawBuffer

dinput8

DirectInput8Create

hid

HidD_FreePreparsedData
HidD_GetFeature
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_SetOutputReport
HidP_GetCaps
HidP_GetLinkCollectionNodes
HidP_GetSpecificValueCaps
HidP_GetUsageValue
HidP_InitializeReportForID
HidP_SetUsageValue

kernel32

CloseHandle
CloseThreadpoolWork
CreateEventA
CreateFileW
CreateThread
CreateThreadpoolWork
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
FreeLibraryAndExitThread
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetTickCount
GetTickCount64
HeapAlloc
HeapReAlloc
InitOnceExecuteOnce
InitializeCriticalSection
IsBadStringPtrW
LeaveCriticalSection
SetEvent
SubmitThreadpoolWork
WaitForSingleObject

ntdll

_vsnprintf

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_strdup
_wcsicmp
_wcsnicmp
atan
calloc
free
fwrite
getenv
malloc
memcmp
memmove
realloc
round
strchr
strcmp
strcspn
strlen
wcschr
wcscmp
wcscpy

user32

CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetDesktopWindow
MsgWaitForMultipleObjectsEx
PeekMessageW
RegisterClassExW
RegisterDeviceNotificationW
TranslateMessage
UnregisterClassW
UnregisterDeviceNotification

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 196B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c8f2359180ce3b04471285295f115ce

Headers

DLL Characteristics

File Characteristics

Imports

combase

dinput8

hid

kernel32

ntdll

setupapi

ucrtbase

user32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.data Size: 4KB - Virtual size: 1KB

.rodata Size: 4KB - Virtual size: 20B

.rdata Size: 40KB - Virtual size: 36KB

.bss Size: - Virtual size: 196B

.edata Size: 16KB - Virtual size: 15KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 96KB - Virtual size: 95KB

.data
Size: 4KB - Virtual size: 1KB

.rodata
Size: 4KB - Virtual size: 20B

.rdata
Size: 40KB - Virtual size: 36KB

.bss
Size: - Virtual size: 196B

.edata
Size: 16KB - Virtual size: 15KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 7KB