825abf25ab12bd60fd06bf7f35128dff694e6d17d060e0a5c570750927513900_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

825abf25ab12bd60fd06bf7f35128dff694e6d17d060e0a5c570750927513900_NeikiAnalytics.exe
Size

1.5MB
MD5

d57820914e2657fe06c1d5cb2c7c6450
SHA1

ed752876329761f5ed3c4dff62bb34946c3ae737
SHA256

825abf25ab12bd60fd06bf7f35128dff694e6d17d060e0a5c570750927513900
SHA512

1e885bc3f22a7c2bb492319d57ed84fe1804a2b17be6e2b6053f3ba8b716c4c45b5aa202411755fb9563430a390b36d567a36f863a0b2bb3c8c3a69a5236f045
SSDEEP

24576:AWo9Dku7WTIbzCup9TShRNGaePfkk8KcflAfZP:AZk9I9/TQRJe3kztfqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
825abf25ab12bd60fd06bf7f35128dff694e6d17d060e0a5c570750927513900_NeikiAnalytics.exe

Files

825abf25ab12bd60fd06bf7f35128dff694e6d17d060e0a5c570750927513900_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

6eefd10e1115fff7069e9df93fd87bb1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\builds\build-sourcemod\win32-1.5\OUTPUT\dbi.mysql.ext\dbi.mysql.ext.pdb

Imports

wsock32

inet_addr
gethostbyname
getpeername
shutdown
closesocket
setsockopt
send
recv
select
__WSAFDIsSet
inet_ntoa
WSAStartup
WSACleanup
getservbyname
ntohs
socket
WSAGetLastError
ioctlsocket
htons
connect

kernel32

GetDriveTypeA
GetDriveTypeW
GetFileInformationByHandle
GetFullPathNameA
SetEnvironmentVariableW
GetCurrentDirectoryW
PeekNamedPipe
GetFileType
CreateFileW
GetProcessHeap
SetEndOfFile
WriteConsoleW
CloseHandle
SetNamedPipeHandleState
WaitNamedPipeA
CreateFileA
GetLastError
UnmapViewOfFile
WaitForSingleObject
SetEvent
MapViewOfFile
OpenFileMappingA
OpenEventA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
ReadFile
WriteFile
WaitForMultipleObjects
DeleteCriticalSection
TlsFree
InitializeCriticalSection
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedIncrement
CreateSemaphoreA
InterlockedDecrement
GetFileAttributesExA
QueryPerformanceCounter
QueryPerformanceFrequency
DecodePointer
EncodePointer
RtlUnwind
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
ExitProcess
WideCharToMultiByte
GetTimeZoneInformation
SetStdHandle
InitializeCriticalSectionAndSpinCount
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileExA
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetLastError
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
RaiseException
Sleep
HeapSize
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
VirtualQuery
LCMapStringW
CompareStringW
SetEnvironmentVariableA

advapi32

RegCloseKey
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
RegEnumValueA

Exports

Exports

GetSMExtAPI

Sections

.text
Size: 397KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1001KB - Virtual size: 1015KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6eefd10e1115fff7069e9df93fd87bb1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wsock32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 397KB - Virtual size: 396KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 1001KB - Virtual size: 1015KB

.rsrc Size: 1024B - Virtual size: 968B

.reloc Size: 23KB - Virtual size: 22KB

.text
Size: 397KB - Virtual size: 396KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 1001KB - Virtual size: 1015KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 23KB - Virtual size: 22KB