1537607bf769bf326c9fb700c0059430_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1537607bf769bf326c9fb700c0059430_NeikiAnalytics.exe
Size

162KB
MD5

1537607bf769bf326c9fb700c0059430
SHA1

39d4ef38be3e31ba7875c6b3887d311a01056f46
SHA256

46e3feea6d26c6bd73ca98cdab16002882044de01c45017755fde37392e8cbfd
SHA512

9c4743c316c7871cd91fa164061f07d24dea7e619b6ee263b2805c0da6fc6f2a606e78de0674b5807f3a33e7a9f63e7c9d157d1e765f952aff801a7054c19aa8
SSDEEP

3072:xygh5kgWwNqkOe6wM5Jp847gJPZYM3LV7KU6phU:xXndqneJMp84sblci

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1537607bf769bf326c9fb700c0059430_NeikiAnalytics.exe

Files

1537607bf769bf326c9fb700c0059430_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

38d637d0e540e947ef2b211239ffda03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oracommon8

sigunmu
kzsrdep
kzsrenc
slkmnm
sigpidu
sigpnmu

orageneric8

kpummini
kpummealloc
kotpgreg
kghalf
kolo_get_support_fn
kohrsc
kohedu
kpummpin
kocedd
slgtd
kghgrw
kghfrf
kohalc
korfpini
kocpin
kpummSltsCtx
kocbgd

oraclient8

OCIContextSetValue
OCIContextGetValue
OCIMemoryAlloc
xaosw
kpughndl
kpuinit
kpupin
kpufhndl

oranls8

lmsagbf
lxscop
lxscmp
lmsacbn
lmsacin
lxinitc
lxlinit
lmsaip
lxt24s
lxicps
lxmpuc
lxncat
lxmcpen
lxi42b
lxhcurrlangid
lxmspax
lxmfwdx
lxmdigx
lxmc2wx
lxhlinfo
lxhcsn
lxmopen
lxt2ws
lxhasc
lxrrep
lxhci2h
lxgratio
lxgcnv
lxncmp
lxhnmod
lxgt2u
lmsatrm
lxhlmod

oracore8

lfilini
sltspctimewait
sltspcsignal
sltspcwait
lfimkpth
sltsmxd
Slu8FrText
lnxsni
Sls8FrText
lnxnuc
lnxnur
ldxeti
ldxstd
lnxmin
lnxmul
lnxren
lnxcpn
LhtStrDestroy
LhtStrRemove
LhtStrSearch
LhtStrCreate
LhtStrInsert
lficls
lfird
lfiwr
lfiflu
sltsmxi
sltstidinit
sltstgh
sltstgi
sltskys
sltskyc
sltsini
ldxini
lpminit
ldxsto
sltstiddestroy
sltstspawn
sltstjn
sltsmnr
sltsmna
slctbev
lfifpo
lfifno
ldxsen
ldxdts
lfilsek
lfiopn
sltsthndinit
lfifex
lfimknam
ldxsti
ltstidd
ltstidi
lfipthad
sltspcinit
sltspcdestroy
sltsthnddestroy
LdiInitDef
ldxite
sldxgd
sltskyg

kernel32

Sleep

msvcrt

__p___initenv
localtime
_XcptFilter
_setjmp3
_exit
_write
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
exit
sprintf
atoi
vsprintf
longjmp

oranro8

ncrsta2msg
sncrswntgad

oran8

nsevwait
nsgireg
nsgirld
nsgidsty
nsgiunr
nsevrgs
nsevmute
nsdisc
nsballoc
nslisten
nsanswer
nsaccept
nsgbltrm
nsgblini
nsbfree
nsgetaddr
nsevsig
nsdo

oranl8

nlstdstp
nlstdgg

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

38d637d0e540e947ef2b211239ffda03

Headers

File Characteristics

Imports

oracommon8

orageneric8

oraclient8

oranls8

oracore8

kernel32

msvcrt

oranro8

oran8

oranl8

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 34KB - Virtual size: 34KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 34KB - Virtual size: 34KB