5f7c9b901567da2b14dcdab2bb4b14f80820032ef92340136368ef1a67426f38_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5f7c9b901567da2b14dcdab2bb4b14f80820032ef92340136368ef1a67426f38_NeikiAnalytics.exe
Size

491KB
MD5

0a9a2b21fb2a5f8b18d925ca13ea79d0
SHA1

b89399f5dd81295a4177f8abdba72ceb22c57fed
SHA256

5f7c9b901567da2b14dcdab2bb4b14f80820032ef92340136368ef1a67426f38
SHA512

299becfe791d0cab30d430bf4f67fe7712cd0e6240557c04a2462d592894a2ada5f69de512c1e5b2bb5c54f0873558048befe88b047ee9c04a6bbfceb26d7f56
SSDEEP

6144:gLQRLRusCvkjgDsxe1HfFEKZLfa/MOsqGvZN1GQOBMfjrYwiuA:gaR7Cv2gXtHLfa/M5fIQO+j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5f7c9b901567da2b14dcdab2bb4b14f80820032ef92340136368ef1a67426f38_NeikiAnalytics.exe

Files

5f7c9b901567da2b14dcdab2bb4b14f80820032ef92340136368ef1a67426f38_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

3f02be335eba999de4248c772005a3aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumaProcessorNode
GetLocaleInfoA
GetStringTypeA
GlobalAddAtomA
InterlockedDecrement
SetDefaultCommConfigW
CreateJobObjectW
GetNamedPipeHandleStateA
SetVolumeMountPointW
GetModuleHandleW
GetTickCount
EnumCalendarInfoExW
GetConsoleAliasesA
GlobalAlloc
LoadLibraryW
FormatMessageW
WriteConsoleOutputA
lstrcpynW
GetTimeFormatW
LocalReAlloc
WriteConsoleW
GetConsoleAliasesLengthW
GetStringTypeExA
CreateJobObjectA
SetLastError
GetThreadLocale
GetProcAddress
LoadLibraryA
UnhandledExceptionFilter
RegisterWaitForSingleObject
SetCalendarInfoW
OpenJobObjectW
FindAtomA
SetConsoleTitleW
lstrcatW
BuildCommDCBA
OpenFileMappingA
FindNextVolumeA
AreFileApisANSI
LocalFileTimeToFileTime
GetModuleHandleA
GetModuleFileNameW
SetVolumeLabelA
HeapAlloc
GetLastError
HeapReAlloc
GetStartupInfoW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
MultiByteToWideChar
ReadFile
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
LCMapStringW
GetStringTypeW
HeapSize
FlushFileBuffers
CreateFileA
CloseHandle
RaiseException

user32

LoadIconA

advapi32

QueryServiceLockStatusW

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 31.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f02be335eba999de4248c772005a3aa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 292KB - Virtual size: 291KB

.data Size: 22KB - Virtual size: 31.1MB

.tls Size: 1KB - Virtual size: 1KB

.rsrc Size: 110KB - Virtual size: 109KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 292KB - Virtual size: 291KB

.data
Size: 22KB - Virtual size: 31.1MB

.tls
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 110KB - Virtual size: 109KB