1c92c24c3782996885f0de4d745d4440_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1c92c24c3782996885f0de4d745d4440_NeikiAnalytics.exe
Size

67KB
MD5

1c92c24c3782996885f0de4d745d4440
SHA1

fb9bb7e4e4d055fc02db7ebcc9b119b9b402a396
SHA256

174f2339c176f9a88225863b658b86764610ab3e233e2e7e363a517e913a746a
SHA512

200f1d9ace4e157d90a36a59bc5b10d9bde26c0291c1449c52ef5e35aec77b337eaee7bcd1d603cc55b228237808f06e9f4615332314dc79024ff79ef2d39875
SSDEEP

1536:Qls2uChdvPwvHvi6SDuFsRBSIOSmF10MbWES73MyHnyRldYpXwUpYX:RChd+durSI43zWESTMyKYpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c92c24c3782996885f0de4d745d4440_NeikiAnalytics.exe

Files

1c92c24c3782996885f0de4d745d4440_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

7a5b0e460faa058faaff468d7e3590d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetLastError
ReadFile
Beep
ReadConsoleW
PeekConsoleInputW
WaitForSingleObject
GetTickCount
SetConsoleCtrlHandler
FlushConsoleInputBuffer
SetConsoleMode
GetConsoleMode
GetStdHandle
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleFileNameW
GetConsoleOutputCP
ExitProcess
GetSystemDirectoryW
LoadLibraryW
FreeLibrary
HeapReAlloc
HeapFree
WriteConsoleW
HeapSize
HeapAlloc
GetProcessHeap
HeapValidate
WideCharToMultiByte
MultiByteToWideChar
CompareStringA
GetThreadLocale
CompareStringW
lstrlenW
lstrlenA
GetFileType
VerifyVersionInfoW
FormatMessageW
LocalFree

user32

LoadStringW
CharUpperW
CharUpperBuffW
CharNextW

ws2_32

WSACleanup

shlwapi

StrStrIW
StrChrW
StrChrIW
StrStrW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

_initterm
__wgetmainargs
__winitenv
_get_osfhandle
wcstol
_controlfp
exit
wcschr
_iob
_vsnwprintf
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_cexit
_XcptFilter
_exit
_c_exit
fprintf
_errno
__setusermatherr
fflush
wcstoul
wcstod
_fileno
_except_handler3

ntdll

VerSetConditionMask

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a5b0e460faa058faaff468d7e3590d4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

shlwapi

version

msvcrt

ntdll

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 512B - Virtual size: 376B

.rsrc Size: 43KB - Virtual size: 44KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 512B - Virtual size: 376B

.rsrc
Size: 43KB - Virtual size: 44KB