435d2be57c47b6022b39a583820d1280_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

435d2be57c47b6022b39a583820d1280_NeikiAnalytics.exe
Size

631KB
MD5

435d2be57c47b6022b39a583820d1280
SHA1

7ecb989f37275db1ce63481cafaf2624f1cd2d74
SHA256

7c218b9d555b8a4765b38e794913329730ebcf16c9db11b8b7b1bcc8f260f2f5
SHA512

e2b99147e0c131adaf4dd74da639d307ac3c1e8be3d12a250a8e80f01bf7c498d55f46e76e62879cb710be705a513b9cf46011bf06829a04238db4c0a3a9d3da
SSDEEP

12288:a0FVR4/M/9nwJMc3ahcSvZo+VZqaQIk/Ifq1jIr9o9HjUeDWvtY7OBnigjzCxByv:n6Sw3sQHj4tYqBd/oyBf+6ovS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
435d2be57c47b6022b39a583820d1280_NeikiAnalytics.exe

Files

435d2be57c47b6022b39a583820d1280_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

067cc1ab23a3b63c4ec1a4f9080ed137

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

GetAdaptersInfo

kernel32

GetLastError
CreateDirectoryA
GetModuleFileNameA
GetCurrentThreadId
GetFileType
GetStdHandle
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
SetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
DeleteFileA
SetEnvironmentVariableA
CompareStringW
CreateFileW
DeviceIoControl
GetVolumeInformationA
CreateProcessA
CreateFileA
GetFileInformationByHandle
FindFirstFileA
FindNextFileA
FindClose
lstrcpyA
GetVersionExA
GetStringTypeW
RaiseException
LoadLibraryW
GetDriveTypeW
GetCurrentDirectoryW
GetProcessHeap
SetEndOfFile
WriteConsoleW
LCMapStringW
SetStdHandle
HeapSize
GetFileAttributesA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryA
FreeLibrary
lstrlenA
GetVersion
CloseHandle
EnterCriticalSection
ReleaseSemaphore
CreateSemaphoreA
LeaveCriticalSection
Sleep
InitializeCriticalSection
WaitForSingleObject
GetModuleHandleA
GetProcAddress
HeapAlloc
HeapFree
RtlUnwind
DecodePointer
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
EncodePointer
LockFile
UnlockFile
MultiByteToWideChar
ReadFile
FlushFileBuffers
SetFilePointer
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FileTimeToSystemTime
FileTimeToLocalFileTime
PeekNamedPipe
GetTimeZoneInformation
GetDriveTypeA
FindFirstFileExA
GetFullPathNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
GetModuleHandleW
ExitProcess
GetModuleFileNameW
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetEnvironmentVariableW

user32

GetUserObjectInformationW
MessageBoxA
GetSystemMetrics
GetDesktopWindow
GetProcessWindowStation
wsprintfA

shell32

SHGetSpecialFolderPathA

wsock32

getsockopt
__WSAFDIsSet
shutdown
closesocket
bind
listen
setsockopt
select
htons
htonl
gethostbyname
WSAGetLastError
WSACleanup
WSAStartup
gethostname
connect
inet_ntoa
socket
send
sendto
recvfrom
accept
ntohl
ioctlsocket

advapi32

GetUserNameA
RegSetValueExA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CreateWellKnownSid
InitializeAcl
AddAccessAllowedAceEx
RegQueryValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyA

Exports

Exports

main1

Sections

.text
Size: 439KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

067cc1ab23a3b63c4ec1a4f9080ed137

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

user32

shell32

wsock32

advapi32

Exports

Exports

Sections

.text Size: 439KB - Virtual size: 438KB

.rdata Size: 89KB - Virtual size: 88KB

.data Size: 70KB - Virtual size: 99KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 32KB - Virtual size: 31KB

.text
Size: 439KB - Virtual size: 438KB

.rdata
Size: 89KB - Virtual size: 88KB

.data
Size: 70KB - Virtual size: 99KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 32KB - Virtual size: 31KB