835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics[.]exe

Resubmissions

22-06-2024 09:04

240622-k13dvswfpr 10

22-06-2024 05:53

240622-glg8lavbrn 10

Sharing

Copy URL

Twitter E-mail

General

Target

835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics.exe
Size

9.6MB
MD5

a75e524f17faa4befe802508e16719c0
SHA1

32ff457d4a1c7d11e6a9062bda7e50765edb8de8
SHA256

835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89
SHA512

40f4b9b98875349515f51cbc242147818de73488a481cd079622249d97471d0e6a714d10cc3d36a495dd4905c5ac5b62d842b7b84ed63d01eb8584e76dd01d9c
SSDEEP

196608:SONojzJF63e3CLEfX3cxLlUiBCfNxBolZkiACy7o:SONojzJF6vEfAZP4PBol1ACy7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics.exe

Files

835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

e669b3b972188b80ef9f674dddc637a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\SurfRight\Producten\HitmanPro35\bin\x86\Release MT\HitmanPro.pdb

Imports

kernel32

GetModuleHandleW
GetLastError
WaitForMultipleObjects
CreateEventW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
SignalObjectAndWait
TerminateThread
Sleep
VirtualAlloc
VirtualFree
OpenProcess
VirtualQueryEx
WaitForSingleObjectEx
CreateWaitableTimerW
SetWaitableTimer
LocalAlloc
LocalFree
LoadLibraryW
GetProcAddress
GlobalMemoryStatus
FreeLibrary
Heap32ListNext
Heap32Next
QueryPerformanceCounter
Heap32First
Heap32ListFirst
GetTickCount
GetSystemTimeAsFileTime
Thread32First
Thread32Next
VirtualUnlock
LoadLibraryA
Process32FirstW
VirtualLock
Module32FirstW
GetSystemInfo
Process32NextW
CreateToolhelp32Snapshot
GetCurrentThreadId
Module32NextW
GetCurrentProcessId
QueryPerformanceFrequency
SetThreadPriority
GetCurrentThread
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
CompareFileTime
GetLocalTime
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
OutputDebugStringW
FileTimeToSystemTime
GetCalendarInfoW
SetLastError
InterlockedCompareExchange
GetWindowsDirectoryW
CreateFileW
GetFileSizeEx
InterlockedDecrement
FormatMessageW
FileTimeToLocalFileTime
GetLocaleInfoW
TryEnterCriticalSection
InterlockedIncrement
GetTempPathW
RemoveDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
GetModuleHandleA
GetCurrentProcess
RegisterWaitForSingleObject
InterlockedExchange
UnregisterWaitEx
PeekNamedPipe
FlushFileBuffers
DisconnectNamedPipe
ReadFile
GetOverlappedResult
WriteFile
WaitNamedPipeW
GetComputerNameW
GetFileAttributesExW
GetFileTime
SetFileTime
GetVersion
ResumeThread
GetCommandLineW
CreateProcessW
ConvertDefaultLocale
GetLogicalDriveStringsW
QueryDosDeviceW
GetSystemDirectoryW
SetThreadAffinityMask
DeleteFileW
GetModuleFileNameW
SetErrorMode
DeviceIoControl
GetStdHandle
GetVolumeInformationW
GetFileSize
SetFileAttributesW
CopyFileW
TerminateProcess
GetNumberFormatW
GetVersionExW
WTSGetActiveConsoleSessionId
ProcessIdToSessionId
GetProcessTimes
GlobalAlloc
OpenEventW
AllocConsole
MultiByteToWideChar
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery
OpenThread
SuspendThread
GetThreadContext
SetThreadContext
SearchPathW
DuplicateHandle
CreateSemaphoreW
ReleaseSemaphore
GetEnvironmentVariableW
WideCharToMultiByte
GetVolumeInformationA
ExpandEnvironmentStringsW
VerifyVersionInfoW
VerSetConditionMask
SetHandleInformation
CreateNamedPipeW
ConnectNamedPipe
GetThreadPriority
GetLongPathNameW
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
RaiseException
MoveFileW
GetCurrentDirectoryW
GetCurrentDirectoryA
GlobalFree
SetEndOfFile
SetFilePointerEx
FormatMessageA
GetFullPathNameW
GetFullPathNameA
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
MapViewOfFile
UnmapViewOfFile
UnlockFile
LockFile
UnlockFileEx
HeapDestroy
GetFileAttributesA
HeapCreate
HeapValidate
HeapSize
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
OutputDebugStringA
GetVersionExA
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
ExitProcess
lstrlenA
UnhandledExceptionFilter
IsDebuggerPresent
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetFileType
GetConsoleCP
GetStartupInfoW
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeW
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetModuleFileNameA
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
CompareStringA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zero
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

e669b3b972188b80ef9f674dddc637a2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 604KB - Virtual size: 603KB

.data Size: 61KB - Virtual size: 78KB

.rsrc Size: 6.3MB - Virtual size: 6.3MB

.reloc Size: 166KB - Virtual size: 165KB

.zero Size: 4KB - Virtual size: 3KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 604KB - Virtual size: 603KB

.data
Size: 61KB - Virtual size: 78KB

.rsrc
Size: 6.3MB - Virtual size: 6.3MB

.reloc
Size: 166KB - Virtual size: 165KB

.zero
Size: 4KB - Virtual size: 3KB