6d07ebb10f0c376fe83728c5e4903910_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6d07ebb10f0c376fe83728c5e4903910_NeikiAnalytics.exe
Size

844KB
MD5

6d07ebb10f0c376fe83728c5e4903910
SHA1

db30bc8fa70e00cb7d8063bc438d37f4621a6b07
SHA256

e180262fa23508eb588a22bb9faf2dd2a3cf275cb12f2d402a2d9b9ce23c5455
SHA512

013fdbc5619b69c597e5b2bfd5267be010d3268b325f260bd213ab2c0b9461b7bed9ec03aac05b336997489076e02b4da5a769d07fb1d598a70727e0b1362fed
SSDEEP

12288:C9MlqH7DewJpg/AaeSsVnsSATexWXsl6ydTI87ybvP9ZNIET+jEM7czXUCMlr:CBOIZnC062EZvP9IET+4M7cz2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d07ebb10f0c376fe83728c5e4903910_NeikiAnalytics.exe

Files

6d07ebb10f0c376fe83728c5e4903910_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

5daa11fd704e5b8642532f58c86b8044

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\CZZ\复件 z00105600_fenzhiC51\WT_UTPS_CODE\UTPS_V100R001\utps\solution\win32\NDISAPI\Release\NDISAPI.pdb

Imports

setupapi

SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status
SetupDiCallClassInstaller
CM_Reenumerate_DevNode
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
CM_Locate_DevNodeA

kernel32

LCMapStringW
WriteFile
CloseHandle
CreateFileA
CreateMutexA
GetModuleFileNameA
ReleaseMutex
SetFilePointer
WaitForSingleObject
GetLocalTime
Sleep
SetEvent
ResetEvent
CreateEventA
OutputDebugStringA
InitializeCriticalSection
DeleteCriticalSection
CancelIo
CreateThread
GetOverlappedResult
ReadFile
LeaveCriticalSection
EnterCriticalSection
DeviceIoControl
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
RaiseException
WaitForMultipleObjects
TerminateThread
LCMapStringA
SetStdHandle
FlushFileBuffers
GetLocaleInfoW
InterlockedDecrement
GetLastError
QueryPerformanceCounter
ExitProcess
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
GetCurrentThreadId
GetCommandLineA
InterlockedIncrement
GetTickCount
GetCurrentProcessId
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
VirtualQuery
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
VirtualProtect
GetSystemInfo
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage

advapi32

RegEnumKeyExA
RegNotifyChangeKeyValue
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegQueryInfoKeyA

Exports

Exports

NdisCancelConnect
NdisConnect
NdisConnectionNotification
NdisDestroyInstance
NdisDisconnect
NdisGetConnState
NdisGetDeviceCount
NdisGetDeviceName
NdisOnPowerbroadcast
NdisSelectDevice

Sections

.text
Size: 520KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5daa11fd704e5b8642532f58c86b8044

Headers

File Characteristics

PDB Paths

Imports

setupapi

kernel32

advapi32

Exports

Exports

Sections

.text Size: 520KB - Virtual size: 517KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 120KB - Virtual size: 126KB

.rsrc Size: 4KB - Virtual size: 832B

.reloc Size: 104KB - Virtual size: 101KB

.text
Size: 520KB - Virtual size: 517KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 120KB - Virtual size: 126KB

.rsrc
Size: 4KB - Virtual size: 832B

.reloc
Size: 104KB - Virtual size: 101KB