3c3298737db4c1c5ef2161153ea67f18940cc4d3edc950e9c8be9b04ecf65085_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3c3298737db4c1c5ef2161153ea67f18940cc4d3edc950e9c8be9b04ecf65085_NeikiAnalytics.exe
Size

3.1MB
MD5

6cb54c0020aec03ee304b8f361715b90
SHA1

117d29a1e5e0bbe2819c4f870db9d29516d122b9
SHA256

3c3298737db4c1c5ef2161153ea67f18940cc4d3edc950e9c8be9b04ecf65085
SHA512

159e075bdc4f3a5f659d368223bb127906a867650101daddbd2413f92d661f67d79758ee755f618ba980d74fd3b55dc9d8087352e4c43e8b4c30108d41daab2a
SSDEEP

98304:7A5b4UrP2YfaW5xNR2wgTj3pjRKwSiAHsSbnmiXmWr+6:y4UrP2YfaW5xNR2wg3pFKVdKW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c3298737db4c1c5ef2161153ea67f18940cc4d3edc950e9c8be9b04ecf65085_NeikiAnalytics.exe

Files

3c3298737db4c1c5ef2161153ea67f18940cc4d3edc950e9c8be9b04ecf65085_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

2fe278dfa562b899256ac9b8958d4707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.DirectX.Direct3DX.pdb

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
GetTempPathA
GetTempFileNameA
DeleteFileA
CloseHandle
ReadFile
CreateFileA
WriteFile
WideCharToMultiByte
GetVersionExA
OutputDebugStringA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
GetModuleHandleA
CompareStringA
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileW
DeleteFileW
SetFilePointer
GetSystemInfo
IsProcessorFeaturePresent
EnterCriticalSection
InitializeCriticalSection
InterlockedCompareExchange
DeleteCriticalSection
LeaveCriticalSection
GetFullPathNameA
lstrcmpiA
GetLastError
FindResourceW
MultiByteToWideChar
VirtualFree
VirtualAlloc
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
FreeLibrary
SetEndOfFile
ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeResource
DisableThreadLibraryCalls

mscoree

_CorDllMain

msvcrt

tolower
_purecall
_CIfmod
memmove
_stricmp
_CIasin
fclose
fwrite
fopen
_wfopen
__CxxFrameHandler
fread
floor
wcstombs
isalnum
isspace
atof
isalpha
isxdigit
toupper
_isnan
strchr
_fpclass
_CItanh
_CIsinh
_CIexp
_CIcosh
iswpunct
iswdigit
iswalpha
iswspace
modf
frexp
isdigit
longjmp
_setjmp3
sscanf
_strdate
_strtime
rand
_ultoa
atol
_except_handler3
exit
sprintf
_tempnam
?terminate@@YAXXZ
strncpy
wcsncpy
_CIpow
ceil
_controlfp
qsort
_vsnprintf
_finite
_CIacos
atoi
wcslen
setlocale
realloc
calloc
malloc
_onexit
__dllonexit
_adjust_fdiv
_initterm
free
memcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_strdup
ldexp
_CIsqrt

user32

ReleaseDC
GetDC

gdi32

CreateFontIndirectA
GetObjectA
GetCurrentObject
MoveToEx
ExtTextOutA
GetOutlineTextMetricsA
GetGlyphOutlineA
ExtTextOutW
CreateCompatibleDC
SelectObject
DeleteObject
SetMapMode
SetTextAlign
CreateFontIndirectW
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
DeleteDC
CreateDIBSection
GetObjectW
GetTextMetricsA
GetGlyphOutlineW
GetDeviceCaps

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 501KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fe278dfa562b899256ac9b8958d4707

Headers

File Characteristics

PDB Paths

Imports

kernel32

mscoree

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.data Size: 107KB - Virtual size: 360KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 501KB - Virtual size: 504KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 107KB - Virtual size: 360KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 501KB - Virtual size: 504KB