19f854d5ff76bdd38006d47ffcddf8b5a121bafe133b2a49557881c4f89263bc_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

19f854d5ff76bdd38006d47ffcddf8b5a121bafe133b2a49557881c4f89263bc_NeikiAnalytics.exe
Size

12KB
MD5

22ddd64d43e15f86ff91cb959ccc9410
SHA1

549f8a0b83f7765ecb16e9c0171ee143e907a909
SHA256

19f854d5ff76bdd38006d47ffcddf8b5a121bafe133b2a49557881c4f89263bc
SHA512

04736a7afa127f04d765ff3b2d976ccc0d83dee9935e97bbff21ab83cf27c74e9ca6d0bcdc7ab79ec56e506b108abcedb4cb48b4341d447ef45867eb68dd85c4
SSDEEP

192:Sr29sckOQuYWekrd+Qgdzs3JJisF1PuFwC6yHqAAw11pJnZ/9/xR3X/Vq:WZc91azsSsLuOCrHq7w11pFt9/HvV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19f854d5ff76bdd38006d47ffcddf8b5a121bafe133b2a49557881c4f89263bc_NeikiAnalytics.exe

Files

19f854d5ff76bdd38006d47ffcddf8b5a121bafe133b2a49557881c4f89263bc_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

94157611bc84bb190d301960766156ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
lstrcpyW

user32

ShowWindow
SetWindowPos
RedrawWindow
SetWindowLongW
GetWindowLongW
SetRect
LoadCursorW
DrawTextW
FillRect
GetWindowRect
SetTimer
DestroyWindow
CreateWindowExW
AdjustWindowRectEx
RegisterClassW
GetSystemMetrics
SendMessageW
DefWindowProcW
MoveWindow

gdi32

GetStockObject
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
GetCurrentObject
DeleteDC
SetTextColor
BitBlt
CreateSolidBrush

msvcp120

?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

msvcr120

__dllonexit
_calloc_crt
_unlock
_lock
_onexit
__crtTerminateProcess
__crtUnhandledException
__clean_type_info_names_internal
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
memmove
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_initterm_e

Exports

Exports

TVTFinalize
TVTGetPluginInfo
TVTGetVersion
TVTInitialize

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94157611bc84bb190d301960766156ab

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcp120

msvcr120

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 988B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 616B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 988B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 616B