1e3f2a709c42b57bdbd9ba6fcab99480_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1e3f2a709c42b57bdbd9ba6fcab99480_NeikiAnalytics.exe
Size

626KB
MD5

1e3f2a709c42b57bdbd9ba6fcab99480
SHA1

f4977d1838fb8a1dd3ae816a76b04766361a8c52
SHA256

b312896315425106877d2d423fe37401409cd5306e6f9b27224f28e25c5822b3
SHA512

c9bd5d858953d2f196905bc4bc52de1cb91fedd51ac353a9b0090d7e6a0dad67bdd00cb9f3702df890ea6b2b33c43e123d611c63f62a35a2720946a43242788f
SSDEEP

12288:VQ3S1l9xnqZiMwQJXx6a/YvRcFKBsX9Da2XbJda3Q93i8OPowY79pk/DCWN:+S1T0ZiUJXca/VQBIe2dhi8OP3YGv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e3f2a709c42b57bdbd9ba6fcab99480_NeikiAnalytics.exe

Files

1e3f2a709c42b57bdbd9ba6fcab99480_NeikiAnalytics.exe
.exe windows:10 windows x86 arch:x86

1e4973d83298d4f758b718cdb9a58676

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

msifiler.pdb

Imports

kernel32

GetModuleFileNameA
SetErrorMode
GetLastError
GetFileAttributesA
CreateFileA
LoadLibraryA
GlobalAlloc
GlobalFree
CloseHandle
GetProcAddress
GetFileSize
GetModuleHandleW
FreeLibrary
CreateFileW
VirtualQuery
GetSystemInfo
FlushFileBuffers
WriteConsoleW
SetStdHandle
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
GetConsoleMode
GetConsoleCP
RtlUnwind
VirtualAlloc
HeapReAlloc
VirtualProtect
Sleep
GetCPInfo
GetCommandLineA
GetVersionExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetLastError
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
LoadLibraryExW
GetStdHandle
WriteFile
HeapCreate
HeapFree
VirtualFree
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
IsValidCodePage
GetACP
GetOEMCP

msi

ord20
ord158
ord141
ord148
ord159
ord194
ord119
ord75
ord163
ord117
ord124
ord31
ord77
ord93
ord164
ord160
ord91
ord121
ord8
ord17
ord33
ord116

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e4973d83298d4f758b718cdb9a58676

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msi

version

ole32

Sections

.text Size: 49KB - Virtual size: 49KB

.data Size: 3KB - Virtual size: 9KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 49KB - Virtual size: 49KB

.data
Size: 3KB - Virtual size: 9KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 568KB - Virtual size: 572KB