8294c4a77dd715e2a7239a263f9fa96fd1600840f214b9928ee1f3a6d35dee58_NeikiAnalytics[.]exe

General

Target

8294c4a77dd715e2a7239a263f9fa96fd1600840f214b9928ee1f3a6d35dee58_NeikiAnalytics.exe
Size

60KB
MD5

35529beb32a62aa92e053d94d0c701a0
SHA1

7816a1cda4d481a553105caa644c5ebd77719588
SHA256

8294c4a77dd715e2a7239a263f9fa96fd1600840f214b9928ee1f3a6d35dee58
SHA512

cec90caf5270e1fccd6c249e104dc0b86f8f1acbe101d0675e6e11e4cecef684c56fde60d96cf72be08d3f12b7f0bc3ac7a364d2498bc8f9a5dccc620df12810
SSDEEP

1536:MXyK8SVdNMfej/7SxURxLJk3lZXwXQ2XO1XoNHs709:mygzjBK3lZAHe12y0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8294c4a77dd715e2a7239a263f9fa96fd1600840f214b9928ee1f3a6d35dee58_NeikiAnalytics.exe

Files

8294c4a77dd715e2a7239a263f9fa96fd1600840f214b9928ee1f3a6d35dee58_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

ed1008c24ac38cc79105f2154b7d4ace

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Dev\SecurWrapClient\Sw-7.0\LaunchApp\Release\LaunchApp.pdb

Imports

kernel32

GetModuleHandleA
CloseHandle
CreateProcessA
GetStartupInfoA
GetFileAttributesA
GetModuleFileNameA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetFilePointer
InitializeCriticalSection
RtlUnwind
HeapSize
InterlockedExchange
VirtualQuery
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
VirtualProtect
GetSystemInfo
FlushFileBuffers

user32

LoadStringA
MessageBoxA

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed1008c24ac38cc79105f2154b7d4ace

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 16KB - Virtual size: 15KB