48f8894ab7f17719d38e5d59737d3587707c862f37b55f4dcc9b4b038b224fc9_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

48f8894ab7f17719d38e5d59737d3587707c862f37b55f4dcc9b4b038b224fc9_NeikiAnalytics.exe
Size

25KB
MD5

6085c4a129c0decc8cc20bd33e50b6d0
SHA1

cadd96c4003cb49e4af6f71140e56051c6a318d7
SHA256

48f8894ab7f17719d38e5d59737d3587707c862f37b55f4dcc9b4b038b224fc9
SHA512

4e16b3a3272d23abeb2cb56c0cc318d4268f356f79ddbd3af44d83c24fd0168c3e1d4010a57d8dbcb562fa75dfb4db737815fd1e536829bb257c1a769dd9a185
SSDEEP

768:PaJ0zItdQ5dRqAaXFzeaAhqNY0/rzhbivvGm8X:P40zItd4dR3hpwy0DzhbivvGm8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48f8894ab7f17719d38e5d59737d3587707c862f37b55f4dcc9b4b038b224fc9_NeikiAnalytics.exe

Files

48f8894ab7f17719d38e5d59737d3587707c862f37b55f4dcc9b4b038b224fc9_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

94302120a4206967d0de2d2c3172365e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc120

ord14098
ord5764
ord1656
ord1041
ord316
ord1047
ord324
ord8308
ord310
ord1502
ord8311
ord8229
ord12677
ord8167
ord5241
ord2442
ord12355
ord12356
ord14368
ord7770
ord14366
ord9234
ord4100
ord4039
ord12759
ord7789
ord1985
ord11802
ord11803
ord14240
ord12345
ord7848
ord14440
ord2963
ord14442
ord6227
ord14441
ord6226
ord3801
ord5797
ord12057
ord12065
ord4537
ord8062
ord10264
ord12069
ord12037
ord12740
ord5136
ord5433
ord5643
ord9186
ord5409
ord5646
ord305
ord5801
ord5139
ord5295
ord5119
ord7574
ord7575
ord7565
ord2246
ord5293
ord8064
ord10083
ord9047
ord6729
ord7845
ord1463
ord6225
ord2199
ord3798
ord1505
ord325
ord1048
ord2317
ord2364
ord2367
ord2330
ord2366
ord485
ord2221
ord2328
ord2136
ord2252
ord2355
ord990
ord7507
ord1504

msvcr120

__clean_type_info_names_internal
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
memset
memcpy
__CxxFrameHandler3
_CxxThrowException
_purecall
memmove
free

kernel32

InitializeCriticalSectionEx
DecodePointer
GetLastError
OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
LocalFree
LocalAlloc
DeleteCriticalSection

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

msvcp120

?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z

Exports

Exports

??4Text@LDE@Report@Sdb@@QAEAAV0123@ABV0123@@Z
?load@Text@LDE@Report@Sdb@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94302120a4206967d0de2d2c3172365e

Headers

DLL Characteristics

File Characteristics

Imports

mfc120

msvcr120

kernel32

advapi32

msvcp120

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB