5fec4513a8d3f458e09563c369caa43ceae3ccdc2579f26e2dd89657a06ff762_NeikiAnalytics[.]exe

General

Target

5fec4513a8d3f458e09563c369caa43ceae3ccdc2579f26e2dd89657a06ff762_NeikiAnalytics.exe
Size

9KB
MD5

c0a04bf4e5e55ad47780b33ad4a20510
SHA1

3815b0dbcff53dc9f449ca9ec06e69cbf3992c3c
SHA256

5fec4513a8d3f458e09563c369caa43ceae3ccdc2579f26e2dd89657a06ff762
SHA512

eb46d0207cdf4c1cc2d9d050161af14962ba1fe8c4b3472d2e06fac0ed6bfeb5ecf9ff555bd0ab9626434b153c4cbc98afb69d0eefc667affc947f0cb5418ec7
SSDEEP

192:/oldoKciifAK6WJaFjONuWdb0123KMyw05dw:A/iZJaFjk3yj5a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fec4513a8d3f458e09563c369caa43ceae3ccdc2579f26e2dd89657a06ff762_NeikiAnalytics.exe

Files

5fec4513a8d3f458e09563c369caa43ceae3ccdc2579f26e2dd89657a06ff762_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

366599d4547e42d3a7d1e21d99cd5cb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

core_rl_magickcore_

ThrowMagickException
SyncImageSettings
IsEventLogging
LogMagickEvent
RegisterMagickInfo
UnregisterMagickInfo
AcquireMagickInfo
SetImageRegistry
GetImageRegistry

vcruntime140

memset
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table
_execute_onexit_table
_cexit
_configure_narrow_argv

kernel32

TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Exports

Exports

RegisterMPRImage
UnregisterMPRImage

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

366599d4547e42d3a7d1e21d99cd5cb7

Headers

DLL Characteristics

File Characteristics

Imports

core_rl_magickcore_

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1024B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 392B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1024B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 392B