6a1bb403a98f492ffea631c5354b8330_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6a1bb403a98f492ffea631c5354b8330_NeikiAnalytics.exe
Size

76KB
MD5

6a1bb403a98f492ffea631c5354b8330
SHA1

d090be492e327e1215c5661b3b72bb9e900c7d7f
SHA256

cdcafc4c4feca13aefceec3eb4c44c9f637c1a1a330c31f98788100602a2bc22
SHA512

44659f32c803d2a3926539e019f4fe9cc71f3b0c5ad80ad86ce568a40b6cd427716eb825d183e2f7efbdb938b9374b70b4e79880e80ff5ca1b4a194ef0fea97e
SSDEEP

768:0HVc3sRDnPm25CdBm1lZjnJcALpjukkVYjPvqBwy+I4mdOsMyyFiVNWtyFm7IdOG:0W3EzPmobZjFedmST8XFiVNRFm5yGBi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a1bb403a98f492ffea631c5354b8330_NeikiAnalytics.exe

Files

6a1bb403a98f492ffea631c5354b8330_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

a56f3c6ddcd079aeb021758ca2025efd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
ReadFile
GetLastError
SetFilePointer
GetCurrentThreadId
DuplicateHandle
GetCurrentProcess
GetStdHandle
InitializeCriticalSection
DeleteCriticalSection
FlushFileBuffers
CreateFileA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
ExitProcess
DisableThreadLibraryCalls
QueryPerformanceCounter

user32

MessageBoxA

msvcr71

time
_purecall
malloc
free
realloc
fclose
fprintf
sprintf
fputs
fgets
ftell
fseek
isspace
tolower
isalpha
isalnum
strncmp
calloc
gmtime
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__security_error_handler
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
localtime
strftime
memmove
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0exception@@QAE@XZ
??1exception@@UAE@XZ
exit
strchr
strncpy
??2@YAPAXI@Z
_snprintf
??3@YAXPAX@Z
__CxxFrameHandler
_strdup
fopen

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

ws2_32

WSACleanup
WSAStartup

Exports

Exports

do_not_list_in_extras
free_memory
get_handled_content
get_sdk_version
handle_content

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a56f3c6ddcd079aeb021758ca2025efd

Headers

File Characteristics

Imports

kernel32

user32

msvcr71

msvcp71

ws2_32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 16KB - Virtual size: 13KB