6b491d527e0809eb835574a1e3a26b4e434999b00835ed715cbcb9c26faa8894_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6b491d527e0809eb835574a1e3a26b4e434999b00835ed715cbcb9c26faa8894_NeikiAnalytics.exe
Size

1.2MB
MD5

b8eeaf2596ce9fee40c62c24db960ad0
SHA1

45848ac3b5c2a046d4dd73ca68c3e5db0e8e7fe5
SHA256

6b491d527e0809eb835574a1e3a26b4e434999b00835ed715cbcb9c26faa8894
SHA512

71cf60b81c067e30a223bf02a068f1a0aaf6ef5920d1634e6e97b35ccc0ea4620d78b593e2c49a7810cc7df90d71bee5136b8fb3dc4da3971d0ad8ea44d1849c
SSDEEP

24576:Kk52IuabfycLtd6Ji75SYHXtCQWh+O5CDUbgPygBmhhQi6iH+92T:9uCfycLtLYQWh+DDU8PygBmhhQi6iH+a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b491d527e0809eb835574a1e3a26b4e434999b00835ed715cbcb9c26faa8894_NeikiAnalytics.exe

Files

6b491d527e0809eb835574a1e3a26b4e434999b00835ed715cbcb9c26faa8894_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

d7d797ca30cf6afba98a08a262000829

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python35

PySequence_Check
PyList_Append
PyObject_Not
PySequence_SetSlice
PyList_Insert
PyObject_Call
PyDict_DelItemString
PySlice_New
PyObject_RichCompare
PyLong_FromSsize_t
PySequence_List
PyCapsule_New
PyModule_Create2
PyCapsule_GetPointer
PyUnicode_FromString
PyType_Modified
PyObject_CallMethodObjArgs
PyObject_Str
PyUnicode_FromEncodedObject
PyNumber_Long
PyObject_CallObject
PyObject_GetItem
PySlice_GetIndicesEx
PyDict_GetItemString
PyTuple_Size
PyObject_AsReadBuffer
PySet_New
PyUnicode_AsUTF8
PyObject_ClearWeakRefs
PyModule_AddObject
PyExc_OverflowError
PyTuple_Type
PyBool_Type
PyDict_Type
PyDict_Next
PyObject_GetIter
PyIter_Next
PyLong_AsLongLong
PyBytes_FromString
PyLong_AsUnsignedLongLong
PyFloat_AsDouble
PyObject_GetAttr
Py_BuildValue
PyObject_SetAttrString
PyList_SetSlice
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyBytes_AsString
PySlice_Type
PyErr_WarnEx
PyWeakref_NewRef
PyUnicode_AsEncodedString
PyObject_Repr
PyExc_SystemError
PyObject_IsTrue
PyDict_New
PyDict_SetItem
PyType_FromSpecWithBases
PyExc_RuntimeError
PyImport_ImportModule
PyObject_HashNotImplemented
PyType_GenericAlloc
PyExc_MemoryError
PyArg_ParseTupleAndKeywords
PyErr_Print
PyObject_CallMethod
PyObject_GetAttrString
PyLong_AsLong
PyObject_CallFunction
PySequence_GetItem
PyArg_UnpackTuple
PyExc_IndexError
_PyObject_New
PyNumber_AsSsize_t
_Py_NotImplementedStruct
PyDict_GetItem
PyList_Type
PyList_GetItem
PyObject_RichCompareBool
PyUnicode_FromFormat
PyObject_CallFunctionObjArgs
PyErr_ExceptionMatches
PyList_Size
PyDict_Size
PyTuple_New
PyErr_SetNone
PyErr_Occurred
PyObject_SelfIter
PyErr_SetObject
PyEval_CallObjectWithKeywords
PyUnicode_FromStringAndSize
PyArg_ParseTuple
PyType_Type
PyLong_FromSize_t
PyList_SetItem
_PyObject_GC_New
_Py_TrueStruct
PyTuple_Pack
PyEval_GetFrame
PyExc_TypeError
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyObject_GC_Track
PyLong_FromVoidPtr
PyErr_Clear
PyType_Ready
PyList_New
PyObject_GC_Del
PyObject_Free
PyType_IsSubtype
_Py_FalseStruct
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyExc_AttributeError
PyFloat_FromDouble
PyLong_FromLongLong
PyDict_SetItemString
_Py_NoneStruct
PyBytes_AsStringAndSize
PyLong_FromUnsignedLongLong
PyLong_FromLong
PyUnicode_AsUTF8AndSize
_PyErr_BadInternalCall
PyExc_KeyError
PyBool_FromLong
PyUnicode_InternFromString

kernel32

FindNextFileW
HeapSize
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetProcessHeap
SetFilePointerEx
SetStdHandle
FlushFileBuffers
GetStdHandle
GetModuleHandleExW
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
GetConsoleCP
WriteFile
GetConsoleMode
GetFileType
CreateFileW
RtlUnwind
LoadLibraryW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
GetCurrentThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SwitchToThread
SignalObjectAndWait
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
GetCPInfo
LCMapStringW
QueryPerformanceCounter
GetProcAddress
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
CreateEventW
InitializeCriticalSectionAndSpinCount
GetStringTypeW
FormatMessageW
GetCurrentThreadId
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
DecodePointer
EncodePointer
WideCharToMultiByte
MultiByteToWideChar
FindClose
GetLastError
SetLastError

Exports

Exports

PyInit__message

Sections

.text
Size: 922KB - Virtual size: 922KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7d797ca30cf6afba98a08a262000829

Headers

DLL Characteristics

File Characteristics

Imports

python35

kernel32

Exports

Exports

Sections

.text Size: 922KB - Virtual size: 922KB

.rdata Size: 191KB - Virtual size: 191KB

.data Size: 25KB - Virtual size: 30KB

.tls Size: 512B - Virtual size: 133B

.gfids Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 44KB - Virtual size: 43KB

.text
Size: 922KB - Virtual size: 922KB

.rdata
Size: 191KB - Virtual size: 191KB

.data
Size: 25KB - Virtual size: 30KB

.tls
Size: 512B - Virtual size: 133B

.gfids
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 44KB - Virtual size: 43KB