a0c2da03bca3fea45b9f281fe3ea3f30_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a0c2da03bca3fea45b9f281fe3ea3f30_NeikiAnalytics.exe
Size

115KB
MD5

a0c2da03bca3fea45b9f281fe3ea3f30
SHA1

43682b104f4b19cf95201cc4729199d26b31df82
SHA256

34a07f040efce3f99c38c7a4af3e21fea459490db13506d8bfd1c69d859e4d46
SHA512

dae98a47252946ca8c8241fd0c2a335a79b5db3ee59c0aa6b950cf1c5655ad3d268a2d25100bc71f7860640d839fc93f05b7b74950fdc0f96415c0f094e5f47b
SSDEEP

3072:F5SXtFWyV3dt4lT/9br7/KK3k1YRdGKeRr:FivWyV3dtYVbr7/K9adG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0c2da03bca3fea45b9f281fe3ea3f30_NeikiAnalytics.exe

Files

a0c2da03bca3fea45b9f281fe3ea3f30_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

c68b4cf0e1a69b46b1e2fbd55b544597

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
MapViewOfFile
CreateFileMappingA
GetFileSizeEx
CreateFileA
QueryPerformanceCounter
FreeLibrary
GetProcAddress
LoadLibraryA
FindClose
FindFirstFileA
QueryPerformanceFrequency
SetConsoleTextAttribute
GetStdHandle
GetSystemInfo
GlobalMemoryStatusEx
GetModuleHandleA
DeviceIoControl
CloseHandle
HeapAlloc
GetProcessHeap
InterlockedDecrement
SetLastError
VirtualProtect
IsBadReadPtr
lstrlenA
LockResource
LoadResource
SizeofResource
FindResourceA
GetVersionExA
CreateThread
SetConsoleCtrlHandler
GetLastError
MultiByteToWideChar
LocalFree
VirtualAlloc
VirtualFree
UnmapViewOfFile
WriteFile
DeleteFileA
HeapFree
Sleep

user32

GetSystemMetrics
CharLowerBuffA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoInitializeEx
CoInitialize
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize

oleaut32

SysAllocString
VariantInit
VariantClear
SysFreeString

msvcrt

_CxxThrowException
_wcsicmp
_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
??1type_info@@UAE@XZ
__p__commode
memcpy
strlen
_snprintf
memset
printf
strstr
wprintf
_snwprintf
free
malloc
__CxxFrameHandler
_EH_prolog
_strnicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
wcslen
realloc
bsearch
qsort
strcmp
strncpy
_strcmpi
atoi
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

ws2_32

inet_addr
gethostbyname
htons
inet_ntoa

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c68b4cf0e1a69b46b1e2fbd55b544597

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

ws2_32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 81KB - Virtual size: 84KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 81KB - Virtual size: 84KB