72f738d7f51e68a747eb93c50538ab10_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

72f738d7f51e68a747eb93c50538ab10_NeikiAnalytics.exe
Size

172KB
MD5

72f738d7f51e68a747eb93c50538ab10
SHA1

fd8a99335356cd4f0ce8345c6c42d97ac9be2ac9
SHA256

8ee75867cb29a4143cba9b30fe54fe85690b5694af62f700a9a70716fdc731a0
SHA512

da082406d7ddd5c9d64ae954b870ecbf9017c19d59f4ad7f9145c5f4ccc63af67ca01f23585d07458e7f431873c0f10b1084789e4720ee6bc2882a6ba90b468c
SSDEEP

3072:+5Qb/eKrra8Z3FtcknPju+SvHA83Z0qn9sOPTlaX1:BG8Z1trPq+SvHA89txa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72f738d7f51e68a747eb93c50538ab10_NeikiAnalytics.exe

Files

72f738d7f51e68a747eb93c50538ab10_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

81c486b82d62a0b0d31d2c63aff9d4aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python39

_PyArg_BadArgument
_PyArg_CheckPositional
_PyArg_UnpackKeywords
PyModule_AddObject
PyModule_AddIntConstant
PyModule_AddStringConstant
_PyObject_LookupAttrId
_PyImport_SetModule
PyLong_FromLong
PyObject_CallFunction
_Py_CheckFunctionResult
_PyObject_MakeTpCall
PyObject_GetBuffer
PyBuffer_Release
Py_BuildValue
PyObject_IsTrue
PyObject_SetAttrString
PyUnicode_AsUTF8AndSize
_PyUnicode_Ready
PyUnicode_DecodeUTF8
PyUnicode_Decode
PyUnicode_FromFormat
PyUnicode_FromString
PyBytes_FromStringAndSize
PyObject_GC_Del
PyObject_GC_UnTrack
PyObject_GC_Track
PyErr_NewException
PyErr_Format
PyErr_NoMemory
PyErr_Clear
PyErr_Occurred
PyErr_SetString
PyErr_SetObject
PyDescr_NewGetSet
_PyObject_GC_New
PyMem_Free
PyThreadState_Get
_PyTraceback_Add
PyCapsule_New
PyModule_GetDict
PyModule_New
PyDict_SetItemString
PyDict_SetItem
PyDict_GetItemWithError
PyDict_New
PyList_Append
PyList_New
PyTuple_New
PyBool_FromLong
_PyLong_AsInt
_Py_Dealloc
PyLong_AsLong
PyObject_Call
PyMem_Malloc
PyType_Ready
PyType_IsSubtype
PyFloat_Type
PyObject_Malloc
PyObject_Free
PyObject_Realloc
_PyByteArray_empty_string
PyByteArray_Type
_Py_HashSecret
_Py_NoneStruct
PyExc_ValueError
PyExc_TypeError
PyModule_Create2
PyExc_RuntimeError

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent

vcruntime140

memcpy
memcmp
memmove
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_errno

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc

api-ms-win-crt-utility-l1-1-0

rand_s

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

PyInit_pyexpat

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81c486b82d62a0b0d31d2c63aff9d4aa

Headers

DLL Characteristics

File Characteristics

Imports

python39

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 7KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 996B

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 7KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 996B