18361e932ce38d801cdbe0141aecc5f0_NeikiAnalytics[.]exe

General

Target

18361e932ce38d801cdbe0141aecc5f0_NeikiAnalytics.exe
Size

81KB
MD5

18361e932ce38d801cdbe0141aecc5f0
SHA1

4bdb8904784bf2313ba3075a16907a6145b244b3
SHA256

54712600562b680718f93b083104fec44ad0940b9af196197bc9aa87d8802f25
SHA512

add40121f8176f3a93903239880d70203b7d1ad877fb506b1434e7d30838bbc3506344a67abc9d48e1cdee45d589978c3c9bd553c3216cc1b9d4fd2502f84792
SSDEEP

1536:q+gisi/OTW1bk3FwErVvHcT/HBignpwLsO9NXw6dc8xQ:qIZ1bk1FVvHcT/xO4O9fc8xQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18361e932ce38d801cdbe0141aecc5f0_NeikiAnalytics.exe

Files

18361e932ce38d801cdbe0141aecc5f0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

79b96456f9efc94c33ade5e8ec421b2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
CloseHandle
CreateFileA
GetModuleFileNameA
Sleep
CreateThread
SetLastError
GetLastError
TerminateProcess
OpenProcess
ReadFile
GetFileSize
WriteFile
SetFilePointer
SetFileAttributesA
GetLocalTime
ResumeThread
SetThreadContext
VirtualProtectEx
WriteProcessMemory
VirtualAllocEx
IsBadReadPtr
FreeLibrary
GetProcAddress
LoadLibraryA
ReadProcessMemory
GetThreadContext
CreateProcessA
GetCurrentDirectoryA
GetWindowsDirectoryA
MapViewOfFile
OpenFileMappingA
GetCommandLineA
GetModuleHandleA
GetTempFileNameA
GetTempPathA
DeleteFileA
CopyFileA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GetProcessVersion
lstrcmpiA
WideCharToMultiByte
MultiByteToWideChar

user32

MessageBoxA

msvcrt

memcpy
??3@YAXPAX@Z
ftell
fclose
fread
fseek
strcpy
__CxxFrameHandler
_wcsnicmp
wcscpy
fwrite
time
memset
strcat
strlen
??2@YAPAXI@Z
_strnicmp
fopen
wcslen
_itoa
_wcsicmp

msvcp60

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79b96456f9efc94c33ade5e8ec421b2f

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

msvcp60

Sections

.text Size: 44KB - Virtual size: 44KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 36KB - Virtual size: 35KB