5c267b69e006c0aa584ed5f5bfdb13caa07f8071aea32e19fb9827da59a82a79_NeikiAnalytics[.]exe

General

Target

5c267b69e006c0aa584ed5f5bfdb13caa07f8071aea32e19fb9827da59a82a79_NeikiAnalytics.exe
Size

122KB
MD5

6c5cb8f66db30b13d70a9fff5b684850
SHA1

a03e16408d837ebb8ec946ece7194672e2762b26
SHA256

5c267b69e006c0aa584ed5f5bfdb13caa07f8071aea32e19fb9827da59a82a79
SHA512

2e6a904c5cc1036e7b98fd1fbec91ed4c6a233f7c59753cee380335aa84658f367d7def01e32780f0bd88d727e8fb42a2fe00bf169b63a5a898ca55ef6833e72
SSDEEP

3072:aObEaznWfH22ZsuX2xKwMPTnaSrIrvDGtOtPiNIb/lFB:ZznWjZnXeKwMLnaqYXtPiNy/lFB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c267b69e006c0aa584ed5f5bfdb13caa07f8071aea32e19fb9827da59a82a79_NeikiAnalytics.exe

Files

5c267b69e006c0aa584ed5f5bfdb13caa07f8071aea32e19fb9827da59a82a79_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

cbe5375169eb8ca5f4bfa4ce0107aad4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

OptionalFeatures.pdb

Imports

kernel32

HeapSetInformation
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
CompareStringOrdinal
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange

user32

DestroyWindow
GetClassNameW
GetWindow
DestroyIcon
SendMessageW
SetWindowLongW
GetWindowLongW
DefWindowProcW
CreateWindowExW
RegisterClassW
LoadCursorW

msvcrt

_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_controlfp
_amsg_exit
__wgetmainargs

shlwapi

ord10

appwiz.cpl

RunOCMW

gdi32

GetStockObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cbe5375169eb8ca5f4bfa4ce0107aad4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcrt

shlwapi

appwiz.cpl

gdi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 928B

.rsrc Size: 87KB - Virtual size: 86KB

.reloc Size: 28KB - Virtual size: 29KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 928B

.rsrc
Size: 87KB - Virtual size: 86KB

.reloc
Size: 28KB - Virtual size: 29KB