ce04da59d0d56c3fc6f18a9daef2e1a0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ce04da59d0d56c3fc6f18a9daef2e1a0_NeikiAnalytics.exe
Size

200KB
MD5

ce04da59d0d56c3fc6f18a9daef2e1a0
SHA1

f9a660ea4fb4dbe82b725a8d864e4e66fe894b8a
SHA256

8f36a79550b89082c059607b3ee4cc1d100d9732dd8b3f45a8f24c44bd1f2f07
SHA512

6e1111c35c271e928b843a7a51354f5b3577466ac57fb0cc8419147a1c36cddd9016551670a6b4eac22ff508262e3d0c0b0036df2b79d9d7ad040d20446280dd
SSDEEP

3072:gx18FuDBNT21r8WfLKN/4xMWI0WImPLihwkI9n2c9jNh/jc+HhjEaI9RP8JIpx:AO0NT21rVfL2/X3xjDhjEaQRtx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce04da59d0d56c3fc6f18a9daef2e1a0_NeikiAnalytics.exe

Files

ce04da59d0d56c3fc6f18a9daef2e1a0_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

439b6894d5fff85bba5d152106db7710

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
lstrcpynW
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter

vcruntime140

_except_handler4_common
memset
memcpy
__CxxFrameHandler3
memchr
_purecall
__std_terminate
memmove
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnwprintf_s
__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free
realloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_errno
exit
_initterm
_cexit
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_onexit_table

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

ldexp
_libm_sse2_atan_precise
_libm_sse2_cos_precise
_libm_sse2_exp_precise
_libm_sse2_log_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
floor

Exports

Exports

kpi_CreateInstance

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

439b6894d5fff85bba5d152106db7710

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB