33e81b4315c67efceef33b72a4e25990_NeikiAnalytics[.]exe

General

Target

33e81b4315c67efceef33b72a4e25990_NeikiAnalytics.exe
Size

14KB
MD5

33e81b4315c67efceef33b72a4e25990
SHA1

384d2b8c320c57d615b61b3b3250785ff5f38f4e
SHA256

208cd73ea6278cbf9a1ccd2d3803421a1539d251025087ab9f9709fc6e222a0b
SHA512

5ae164e490538e1fb91f23684c026160e7d661d5cf064243d6def167e7fd1111f80362101b37d3757f7ac741603fd75bcd3e3a55930fc7341d30c9f3ab2a646b
SSDEEP

192:XbGp59szIHhY9greY9G6SERyfw1uT1M4Xyr4wu:QXszIHhY9greY9G6SERyfw1uT1rXH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33e81b4315c67efceef33b72a4e25990_NeikiAnalytics.exe

Files

33e81b4315c67efceef33b72a4e25990_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

cae189f2786cd73e7ff3c53ba6965478

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetWindowTextA
wsprintfA
GetClassNameA
EnumChildWindows
GetForegroundWindow

kernel32

VirtualProtectEx
_lwrite
CloseHandle
CreateFileA
CreateThread
DeviceIoControl
ExitThread
GetLocalTime
GetProcAddress
GetSystemDirectoryA
GlobalAddAtomA
GlobalFindAtomA
LoadLibraryA
OpenProcess
RtlZeroMemory
Sleep
VirtualAlloc
lstrlenA
_llseek
_lread
lstrcatA
lstrcpyA
lstrcpynA
ord5
VirtualProtectEx
_lwrite
CloseHandle
CreateFileA
CreateThread
DeviceIoControl
ExitThread
GetLocalTime
GetProcAddress
GetSystemDirectoryA
GlobalAddAtomA
GlobalFindAtomA
LoadLibraryA
OpenProcess
RtlZeroMemory
Sleep
VirtualAlloc
lstrlenA
_llseek
_lread
lstrcatA
lstrcpyA
lstrcpynA
ord5

shell32

ShellExecuteA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

recv
closesocket
connect
gethostbyname
WSAStartup
send
socket
WSACleanup

Exports

Exports

DLD
LSD_F3

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cae189f2786cd73e7ff3c53ba6965478

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 130KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 130KB

.reloc
Size: 1024B - Virtual size: 844B