9509b83a375d327eae8cd636308e91f0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9509b83a375d327eae8cd636308e91f0_NeikiAnalytics.exe
Size

8.5MB
MD5

9509b83a375d327eae8cd636308e91f0
SHA1

b246832e21177a58c58a0e378837d26e75da0f2b
SHA256

f37c2fe30b123354f541101076a712761494007dc303f4d12a58953affd61c3b
SHA512

f05be3e7c8b1c53948958d7b5d06e2326d2a25d93c202a822777f88eb3dfa8320b09fa8e97581cda0f144563e3fb75baa3d220f1b861814b7390122560d92fd9
SSDEEP

49152:NzugF+nThhI4YQd3vUu23+jaiIpkFzygO6X2KPUbBeA4XMj+V9MviWMcM+57puZM:NTQThht18u23kpIpa0wC20

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9509b83a375d327eae8cd636308e91f0_NeikiAnalytics.exe

Files

9509b83a375d327eae8cd636308e91f0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

52c625f6a8edc682af83ac5f40c2ff1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSAGetOverlappedResult

advapi32

CryptAcquireContextW
CryptGenRandom
CryptReleaseContext

winmm

timeBeginPeriod

kernel32

VirtualAlloc
VirtualFree
CreateIoCompletionPort
GetQueuedCompletionStatus
CloseHandle
CreateEventA
CreateThread
CreateWaitableTimerA
DuplicateHandle
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetProcAddress
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
LoadLibraryW
LoadLibraryA
ResumeThread
SetConsoleCtrlHandler
SetEvent
SetThreadPriority
SetWaitableTimer
SuspendThread
WaitForSingleObject
WriteFile

ntdll

NtWaitForSingleObject

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 211B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/18
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/30
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/43
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 640KB - Virtual size: 640KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/71
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 512B - Virtual size: 52B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 512B - Virtual size: 193B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52c625f6a8edc682af83ac5f40c2ff1a

Headers

File Characteristics

Imports

ws2_32

advapi32

winmm

kernel32

ntdll

Sections

.text Size: 6.0MB - Virtual size: 6.0MB

.data Size: 102KB - Virtual size: 186KB

/4 Size: 512B - Virtual size: 211B

/18 Size: 213KB - Virtual size: 212KB

/30 Size: 188KB - Virtual size: 187KB

/43 Size: 1.3MB - Virtual size: 1.3MB

/55 Size: 640KB - Virtual size: 640KB

/71 Size: 118KB - Virtual size: 118KB

/87 Size: 4KB - Virtual size: 4KB

/102 Size: 512B - Virtual size: 52B

.idata Size: 1024B - Virtual size: 972B

.symtab Size: 512B - Virtual size: 193B

.text
Size: 6.0MB - Virtual size: 6.0MB

.data
Size: 102KB - Virtual size: 186KB

/4
Size: 512B - Virtual size: 211B

/18
Size: 213KB - Virtual size: 212KB

/30
Size: 188KB - Virtual size: 187KB

/43
Size: 1.3MB - Virtual size: 1.3MB

/55
Size: 640KB - Virtual size: 640KB

/71
Size: 118KB - Virtual size: 118KB

/87
Size: 4KB - Virtual size: 4KB

/102
Size: 512B - Virtual size: 52B

.idata
Size: 1024B - Virtual size: 972B

.symtab
Size: 512B - Virtual size: 193B