94386fe3be5412d46a72d64b1a42130626540c818db429a3d63a1b19d05f6132_NeikiAnalytics[.]exe

Resubmissions

13/02/2025, 08:40

250213-kk5t2swnht 8

24/06/2024, 17:16

240624-vtbyfawhqq 7

Sharing

Copy URL

Twitter E-mail

General

Target

94386fe3be5412d46a72d64b1a42130626540c818db429a3d63a1b19d05f6132_NeikiAnalytics.exe
Size

5.3MB
MD5

5b51c39031153a67715befab4ec6ac40
SHA1

42ba0c38f39ac7ff5dccccc927c0c9015a97a77b
SHA256

94386fe3be5412d46a72d64b1a42130626540c818db429a3d63a1b19d05f6132
SHA512

46e5c1795ece6a85aea64d21bf1058c8f9e84ad7220a1b8464cbf53ddede8dbf45632faf400900364b3cb5e851b9a27b83aa6ed8b3b85e49657857c12a257546
SSDEEP

98304:5JSLr1OGF23jI/RRBJglqWq/o7vnZkGCf8qwWFobTL2ymoa4+Rl:5ALrlozIJglqWqAzZsXwWWTaBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94386fe3be5412d46a72d64b1a42130626540c818db429a3d63a1b19d05f6132_NeikiAnalytics.exe

Files

94386fe3be5412d46a72d64b1a42130626540c818db429a3d63a1b19d05f6132_NeikiAnalytics.exe
.exe windows:5 windows x64 arch:x64

9849db5f4f3c83a20295a277cf9ddc2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVersionExA
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

oleaut32

SysAllocStringLen

user32

MessageBoxA
CharUpperBuffW

advapi32

RegCreateKeyExA

gdi32

CreateFontIndirectA

shell32

SHFileOperationA

comctl32

InitCommonControls

wsock32

accept

Sections

.text
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jtC
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.+b
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e3q
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9849db5f4f3c83a20295a277cf9ddc2d

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

advapi32

gdi32

shell32

comctl32

wsock32

Sections

.text Size: - Virtual size: 268KB

.data Size: - Virtual size: 10KB

.rdata Size: - Virtual size: 67KB

.pdata Size: - Virtual size: 17KB

.bss Size: - Virtual size: 1.2MB

.CRT Size: - Virtual size: 40B

.idata Size: - Virtual size: 7KB

.jtC Size: - Virtual size: 3.0MB

.+b Size: 4KB - Virtual size: 3KB

.e3q Size: 5.3MB - Virtual size: 5.3MB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: - Virtual size: 268KB

.data
Size: - Virtual size: 10KB

.rdata
Size: - Virtual size: 67KB

.pdata
Size: - Virtual size: 17KB

.bss
Size: - Virtual size: 1.2MB

.CRT
Size: - Virtual size: 40B

.idata
Size: - Virtual size: 7KB

.jtC
Size: - Virtual size: 3.0MB

.+b
Size: 4KB - Virtual size: 3KB

.e3q
Size: 5.3MB - Virtual size: 5.3MB

.rsrc
Size: 10KB - Virtual size: 9KB