0451a07736d35a86e8207a47131831741132f97a05afec7b1548e28b2db22767_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

0451a07736d35a86e8207a47131831741132f97a05afec7b1548e28b2db22767_NeikiAnalytics.exe
Size

512KB
MD5

d1f464a1fae14cbb906241936d024dd0
SHA1

29e6dae0d0a7fa51d98c3c0d46bc0d0a4e0584f2
SHA256

0451a07736d35a86e8207a47131831741132f97a05afec7b1548e28b2db22767
SHA512

2e75a9d5a6279dc54104f66728c02b0788f69b04c7cb89b098c5181d61eb8b3a195ab481a3055611f48efa89bca7d7f47fb80000cb2a9ffb21e94b4f532e2ba0
SSDEEP

6144:X/NWQbFyfO1wNSbznR1RKGLOyRa7tZw57YhDO61HHDkjB5q6j81oTyEfgUqSRaj:X/UQJCSbN1RK57tZ7dHDsIkRajA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0451a07736d35a86e8207a47131831741132f97a05afec7b1548e28b2db22767_NeikiAnalytics.exe

Files

0451a07736d35a86e8207a47131831741132f97a05afec7b1548e28b2db22767_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

1bdb154eb6633c6c99328e3e6ba0c570

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\T27L10NSP32_ORION110\build\020p\maps\release\nbras.pdb

Imports

wbxbase

?Read32@WBXDataStream@@QAEKXZ
??0WBXMemoryInputStream@@QAE@PBXK@Z
??0WBXDataStream@@QAE@AAVWBXInputStream@@@Z
??1WBXMemoryInputStream@@UAE@XZ
??0WBXMemoryOutputStream@@QAE@PAXK@Z
??0WBXDataStream@@QAE@AAVWBXOutputStream@@@Z
??1WBXDataStream@@QAE@XZ
??1WBXMemoryOutputStream@@UAE@XZ
??5WBXDataStream@@QAEAAV0@AAG@Z
??5WBXDataStream@@QAEAAV0@AAK@Z
??5WBXDataStream@@QAEAAV0@AAE@Z
?Read8@WBXDataStream@@QAEXPAEK@Z
?IsOk@WBXDataStream@@QAEHXZ
??6WBXDataStream@@QAEAAV0@G@Z
??6WBXDataStream@@QAEAAV0@K@Z
??6WBXDataStream@@QAEAAV0@E@Z
?Write8@WBXDataStream@@QAEXPBEK@Z

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
OutputDebugStringW
lstrlenW
lstrcatW
GetProcAddress
FreeLibrary
lstrcpynW
GetModuleFileNameW
LoadLibraryW
IsBadReadPtr
VirtualQuery

user32

RedrawWindow

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr90

__clean_type_info_names_internal
_onexit
_crt_debugger_hook
?terminate@@YAXXZ
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_purecall
??3@YAXPAX@Z
__CxxFrameHandler3
??2@YAPAXI@Z
memcpy
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
??_V@YAXPAX@Z
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
memmove_s
memset
_wsplitpath_s
_wmakepath_s
wcscpy_s
wcsncpy
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock
__dllonexit
_lock

Exports

Exports

NBRDeleteInstance
NBRInitCCInterface
NBRNewInstance

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bdb154eb6633c6c99328e3e6ba0c570

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wbxbase

kernel32

user32

msvcp90

msvcr90

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB