37fe60034f11c6150ab2e2e3b16f3963d46f84142ec7b2f1bcbdcc887ac5af23_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

37fe60034f11c6150ab2e2e3b16f3963d46f84142ec7b2f1bcbdcc887ac5af23_NeikiAnalytics.exe
Size

56KB
MD5

fa0d91382a6dc370556e63e9ff8dcdb0
SHA1

559347d35e7218ce7ca9e279b67f5b5c9759ff7f
SHA256

37fe60034f11c6150ab2e2e3b16f3963d46f84142ec7b2f1bcbdcc887ac5af23
SHA512

d739121e0a5e23a8f6272490783c31de4e956d6823c9d7847a211cfdf00546f4b90ea70fe0ddd802d8739e1cea4ef8a0a521ab5ce60d9671ff4cb51fac198bc9
SSDEEP

768:QbKpN9+Q1AXAH/BeH+99l6cxDY2r+/5gE6M3dp4lUG7GEcIXOK4:CU1AQH/msdY2wCTbtcIXOK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37fe60034f11c6150ab2e2e3b16f3963d46f84142ec7b2f1bcbdcc887ac5af23_NeikiAnalytics.exe

Files

37fe60034f11c6150ab2e2e3b16f3963d46f84142ec7b2f1bcbdcc887ac5af23_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

308d87cd7852ef2339d2932ee3794ba8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
_cexit
_XcptFilter
_exit
_c_exit
_wfullpath
_getmbcp
wprintf
wcscat
exit
_wtoi
__p__commode
wcslen
_wcsnicmp
swprintf
wcstod
__p__fmode
_wfopen
fgetws
fclose
_wtol
_wcslwr
wcsstr
_wsplitpath
_wmakepath
wcsncpy
wcstok
wcscmp
_ftol
__set_app_type
_except_handler3
_controlfp
wcscpy
_wcsicmp

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken

kernel32

GetLastError
GetLocaleInfoW
SetConsoleTextAttribute
GetStdHandle
GetConsoleScreenBufferInfo
HeapFree
GetProcessHeap
HeapAlloc
GetConsoleOutputCP
FindClose
FindNextFileW
FindFirstFileW
GetComputerNameW
FileTimeToSystemTime
SetThreadLocale
LoadLibraryW
FreeLibrary
SystemTimeToFileTime
GetConsoleMode
SetConsoleMode
ReadFile
MultiByteToWideChar
ReadConsoleW
GetModuleFileNameW
GetModuleHandleW
FormatMessageW
GetFileType
WriteConsoleW
GetSystemDefaultLCID
LocalFree
GetCurrentProcess
GetUserDefaultUILanguage
HeapReAlloc
WriteFile
GetThreadLocale

ole32

CoUninitialize
StringFromGUID2
CoInitialize
CoCreateInstance
CoSetProxyBlanket

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayDestroy
VariantClear
VariantChangeType
SafeArrayCreateVector
VariantInit
SysAllocString
SysFreeString
SafeArrayGetUBound

user32

wsprintfW
CharToOemW
LoadStringW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

netapi32

NetUseDel
NetUseGetInfo
NetUseAdd

pdh

PdhTranslateLocaleCounterW
PdhPlaGetLogFileNameW
PlaTimeInfoToMilliSeconds
PdhPlaGetInfoW
PdhPlaSetInfoW
PdhPlaEnumCollectionsW
PdhPlaCreateW
PdhPlaDeleteW
PdhPlaStopW
PdhPlaStartW
PdhiPlaGetVersion
PdhPlaScheduleW
PdhPlaGetScheduleW

shlwapi

StrCmpNIW

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

308d87cd7852ef2339d2932ee3794ba8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

ole32

oleaut32

user32

version

netapi32

pdh

shlwapi

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 15KB - Virtual size: 14KB