05a55e0d3e05d81cb4f516835d9a163ba354730712521e223c530d4a25b11d5c_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

05a55e0d3e05d81cb4f516835d9a163ba354730712521e223c530d4a25b11d5c_NeikiAnalytics.exe
Size

158KB
MD5

0c383950fc13831586af766bf52506a0
SHA1

bbdcfdd466af5de228fa881a6be64eb563142e01
SHA256

05a55e0d3e05d81cb4f516835d9a163ba354730712521e223c530d4a25b11d5c
SHA512

afbd5804ea4eff06caac328b7faae342e460c4e4ff54bac9d88724a2fb54b2e6673219d907df1c975f436e4cf0d0145ff6932aa7954faa57b4a2c9f0cbdf73ac
SSDEEP

3072:r3KVgERnH44iq4yL3IOMwhD+GtAMHXE6fevKsIV4STELYnx8mWtenZ0phjxoJ8aI:eHH44+8YyZevCmpK247dDx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a55e0d3e05d81cb4f516835d9a163ba354730712521e223c530d4a25b11d5c_NeikiAnalytics.exe

Files

05a55e0d3e05d81cb4f516835d9a163ba354730712521e223c530d4a25b11d5c_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

7f713989cf6ff75c12618f77a3a3f5ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python310

PyLong_FromLong
PyLong_FromSize_t
PyLong_AsSsize_t
PyLong_FromLongLong
PyLong_FromUnsignedLongLong
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyFloat_FromDouble
PyFloat_AsDouble
PyTuple_New
PyTuple_Pack
PyList_New
PyList_AsTuple
PyDict_New
PyDict_GetItem
PyDict_SetItem
PyDict_GetItemString
PyDict_SetItemString
_PyDict_GetItem_KnownHash
PyModule_NewObject
PyModule_GetDict
PyModule_GetName
PyModuleDef_Init
PyCapsule_New
PyCapsule_GetPointer
PyCode_NewEmpty
PyTraceBack_Here
PyInterpreterState_GetID
PyThreadState_Get
_PyThreadState_UncheckedGet
PyObject_Call
PyObject_CallObject
PyObject_GetItem
PyObject_SetItem
PyObject_Format
PyObject_GetIter
PyIter_Send
PyNumber_Add
PyNumber_Subtract
PyNumber_Multiply
PyNumber_FloorDivide
PyNumber_Remainder
PyNumber_Power
PyNumber_Invert
PyNumber_Lshift
PyNumber_And
PyNumber_Index
PyNumber_Long
PyNumber_InPlaceMultiply
PyNumber_InPlacePower
PyNumber_InPlaceRshift
PySequence_GetSlice
PySequence_Tuple
PyObject_IsSubclass
PyObject_VectorcallDict
_PyGen_SetStopIterationValue
PyDescr_IsData
PyErr_WarnEx
PyObject_ClearWeakRefs
PyUnicode_AsUTF8
PyErr_SetObject
PyErr_SetString
PyErr_Occurred
PyErr_Clear
PyErr_GivenExceptionMatches
PyErr_ExceptionMatches
PyErr_NormalizeException
PyException_SetTraceback
PyException_SetCause
PyErr_Format
PyErr_WriteUnraisable
PyOS_snprintf
PyArg_UnpackTuple
PyModule_AddObject
PyRun_StringFlags
Py_GetVersion
Py_EnterRecursiveCall
Py_LeaveRecursiveCall
PyEval_SaveThread
PyEval_RestoreThread
PyImport_GetModuleDict
PyImport_GetModule
PyImport_AddModule
PyImport_ImportModule
PyImport_ImportModuleLevelObject
PyFrame_New
PyBaseObject_Type
_Py_NoneStruct
PyUnicode_Type
PyLong_Type
_Py_FalseStruct
_Py_TrueStruct
PyFloat_Type
PyTuple_Type
PyList_Type
PyCFunction_Type
PyMethod_Type
PyCapsule_Type
PyTraceBack_Type
PyGen_Type
PyCoro_Type
PyAsyncGen_Type
PyExc_Exception
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_GeneratorExit
PyExc_AttributeError
PyExc_ImportError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_OverflowError
PyExc_RuntimeError
PyExc_SystemError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_ValueError
PyExc_DeprecationWarning
PyExc_RuntimeWarning
PyObject_Not
_PyUnicode_FastCopyCharacters
_PyUnicode_Ready
PyUnicode_New
PyUnicode_Join
PyUnicode_Concat
PyUnicode_Decode
PyUnicode_InternFromString
PyUnicode_FromFormat
PyUnicode_FromString
PyUnicode_FromStringAndSize
PyBytes_FromStringAndSize
PyObject_GC_IsFinalized
PyObject_GC_Del
PyObject_GC_UnTrack
PyObject_GC_Track
_PyObject_GC_New
PyGC_Disable
PyGC_Enable
PyObject_Init
_PyObject_GenericGetAttrWithDict
PyObject_CallFinalizerFromDealloc
_PyObject_GetDictPtr
_PyType_Lookup
PyErr_SetNone
_Py_Dealloc
PyObject_IsTrue
PyObject_Hash
PyObject_GenericGetAttr
PyObject_SelfIter
PyObject_SetAttr
PyObject_GetAttr
PyObject_SetAttrString
PyObject_GetAttrString
PyObject_RichCompare
PyType_Ready
PyType_IsSubtype
PyMem_Realloc
PyErr_WarnFormat
PyMem_Malloc

vcruntime140

strchr
strrchr
memcpy
__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-math-l1-1-0

_dsign

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_initterm

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

PyInit__common

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f713989cf6ff75c12618f77a3a3f5ab

Headers

DLL Characteristics

File Characteristics

Imports

python310

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 1KB - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1KB - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 9KB