28d1d36ad5ee55576fb94e7201b6b6c0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

28d1d36ad5ee55576fb94e7201b6b6c0_NeikiAnalytics.exe
Size

653KB
MD5

28d1d36ad5ee55576fb94e7201b6b6c0
SHA1

31925d0a011cf3625187dfc071d8923f012ee027
SHA256

ef44bf545291dc456ddc7f86eddc1ad7a3ecea1a2b22bc3efa5684d0186e9c3d
SHA512

4ddae047e45c0794e126f0d56405b3f6898085d30536ad1aad566409a9aa879071ea24b771a35885d68c8406f52e9ba65c0f21f26c9108144350fb626633353f
SSDEEP

12288:4m22kzxxRcQLTofXz8uuN7WGyRcGF4k5BPG:4mkNxRcQXofXzvuN7fyRcU4ABe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28d1d36ad5ee55576fb94e7201b6b6c0_NeikiAnalytics.exe

Files

28d1d36ad5ee55576fb94e7201b6b6c0_NeikiAnalytics.exe
.dll windows:6 windows

e54a3e320285cfeb60a0fbfa2675acc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcp140_app

?_Xlength_error@std@@YAXPBD@Z

vcruntime140_app

__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
_purecall
__std_terminate
__C_specific_handler
_CxxThrowException
__std_type_info_destroy_list
memmove
memset
memcpy

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free
calloc
_callnewh

api-ms-win-crt-utility-l1-1-0

rand
srand
qsort

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vsprintf

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-math-l1-1-0

pow
floor
ceil
exp
cos
sin
ldexp
log
atan

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
exit

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-crt-string-l1-1-0

strcpy
strlen

Exports

Exports

ADDON_Create
ADDON_GetTypeMinVersion
ADDON_GetTypeVersion

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 555KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e54a3e320285cfeb60a0fbfa2675acc4

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140_app

vcruntime140_app

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-crt-string-l1-1-0

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 555KB - Virtual size: 555KB

.data Size: 512B - Virtual size: 964B

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 555KB - Virtual size: 555KB

.data
Size: 512B - Virtual size: 964B

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 9KB - Virtual size: 8KB