2a46cea094c61be77725ba40c668c350_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a46cea094c61be77725ba40c668c350_NeikiAnalytics.exe
Size

332KB
MD5

2a46cea094c61be77725ba40c668c350
SHA1

49b70a128cce5829631fe05cec967a58a0a3038d
SHA256

ddaba0a83f5d38725dd800ee003ec3e406cdfedef74de300a950db10d4392555
SHA512

e010650ff80bee88b19d02a201a00adc6ccd7eefdb162a7f99c8832b03ad2f9d9caf7311dd37ed239cf40e851d228cd63ed9790eddaf81b383f8ce0660017e3d
SSDEEP

6144:MP4FNYpgHZujbdYiZDP2GCnc9em7talDXMQkf9HiUmP1qXlP:MHpgHZuvemyVm7tb1iZ1Kl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a46cea094c61be77725ba40c668c350_NeikiAnalytics.exe

Files

2a46cea094c61be77725ba40c668c350_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

cbf4a4d22af716144b32c25f192bf4f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
LoadLibraryA
LoadResource
LockResource
GetTempPathA
SizeofResource
VirtualProtect
WriteFile
GetProcAddress
CloseHandle
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
FindResourceA
FindFirstFileA
FindClose
ExitProcess
CreateFileA
MultiByteToWideChar

user32

SetWindowTextA
SetWindowLongA
SetFocus
SendMessageA
MessageBoxA
LoadIconA
GetWindowTextLengthA
GetWindowLongA
GetDlgItem
EndDialog
DialogBoxIndirectParamA

ft_et99_api

et_OpenToken
et_CloseToken
et_Read
et_Write
et_GenRandom
et_HMAC_MD5
et_Verify
et_GetSN
MD5_HMAC
et_FindToken

Exports

Exports

CreateFi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
abcd

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ