8d2f2e951baa4d6285d0bb57202fe340_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8d2f2e951baa4d6285d0bb57202fe340_NeikiAnalytics.exe
Size

1.8MB
MD5

8d2f2e951baa4d6285d0bb57202fe340
SHA1

6431f1c0577e0cb17de30dbbb2261eb93f3eb67c
SHA256

2a68b7f6a022f0777fde0c36f8648c630c986b949e6e251777aaf4692678a9fb
SHA512

78a0478a86715e1995311691c25082a63d28dcea94f0b2a4a3fb32744495bd56f545baef72cde05b0ca01944737722fbaaa25a24f31695cb35503a90ae51003a
SSDEEP

768:/mRXrumbeZlsAgpg23z6R0GBKZZg+qzzw7TNVwNCPJhsflHiPv9oSn8b22:OtuK6yz6pcZZg+qo/JPJhGlWNn8i2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d2f2e951baa4d6285d0bb57202fe340_NeikiAnalytics.exe

Files

8d2f2e951baa4d6285d0bb57202fe340_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

319117f107260c40e938df1d1812bd52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CreateEventA
GetVersionExA
WaitForSingleObject
SetThreadPriority
GetCurrentThread
SetEvent
CloseHandle
CopyFileA
lstrcatA
GetSystemDirectoryA
GetModuleFileNameA
GetCurrentThreadId
FindResourceA
SetFilePointer
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
CreateProcessA
GetExitCodeProcess
FlushFileBuffers
HeapReAlloc
LoadResource
LockResource
lstrcpynA
GetFullPathNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
lstrlenA
FormatMessageA
Sleep
LocalFree
VirtualAlloc
GetStringTypeW
GetStringTypeA
WriteFile
RtlUnwind
VirtualFree
HeapCreate
SetStdHandle
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileAttributesA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
HeapAlloc
WideCharToMultiByte
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

CloseDesktop
LoadStringA
SendMessageA
MessageBoxA
GetThreadDesktop
SetThreadDesktop
OpenInputDesktop
FindWindowA
EnumDisplaySettingsA
EnumDisplayDevicesA
CharNextA

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey
CreateServiceA
StartServiceA
DeleteService
ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyExA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiSetClassInstallParamsA
SetupDiGetDeviceInstallParamsA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiClassGuidsFromNameExA
SetupDiCreateDeviceInfoListExA
SetupDiGetClassDevsExA
SetupDiOpenDeviceInfoA
SetupDiGetDeviceInfoListDetailA
CM_Get_Device_ID_ExA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

319117f107260c40e938df1d1812bd52

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

setupapi

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 18KB

Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 18KB