83efb5ff86a6fc2bf65367b36cbb0ae0_NeikiAnalytics[.]exe

General

Target

83efb5ff86a6fc2bf65367b36cbb0ae0_NeikiAnalytics.exe
Size

464KB
MD5

83efb5ff86a6fc2bf65367b36cbb0ae0
SHA1

fdb6a4293c0491b2926f82e2ab744a9de4fe8c3c
SHA256

eeb59839228171c9252a1796cb97d21f83809ba30a59406fb5b30d5008e8873f
SHA512

0acb82ec24c00d4528c18bd997c5933f4eb8e68df2e9decb1bb498bf51e2e627e541e9d8704b3f7bd401e0f4802566893bc644447c89cf6069369463991702be
SSDEEP

6144:b0ecKIa+HFYkND7Kb/NfN8LDTqVv2ajzfGE69my5U/v:b0eDyjNDGTFS21ffKC/v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83efb5ff86a6fc2bf65367b36cbb0ae0_NeikiAnalytics.exe

Files

83efb5ff86a6fc2bf65367b36cbb0ae0_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

95783f46452a515e2a76b4ad0adb1754

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
DebugBreak
OutputDebugStringW
LoadLibraryA
GetOEMCP
GetACP
RtlUnwind
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
VirtualAlloc
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo

user32

wvsprintfW
LoadStringW
CharNextW
CharLowerW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsURLW

Exports

Exports

GetModuleInterface
GetModuleVersion

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95783f46452a515e2a76b4ad0adb1754

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 76KB - Virtual size: 79KB

.reloc Size: 32KB - Virtual size: 31KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 76KB - Virtual size: 79KB

.reloc
Size: 32KB - Virtual size: 31KB