18861801e5b71ff82e9a64ac66cbc09f54f0ea960f4f28c433ed4a5a19fe27e0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

18861801e5b71ff82e9a64ac66cbc09f54f0ea960f4f28c433ed4a5a19fe27e0_NeikiAnalytics.exe
Size

18KB
MD5

92f19e585207d331f49e1f98e36769b0
SHA1

8bb27a111293a59522d623327f1e98a28f9aca2f
SHA256

18861801e5b71ff82e9a64ac66cbc09f54f0ea960f4f28c433ed4a5a19fe27e0
SHA512

68a4446c3126aad344c3e728744be4acfb732c8d52c0fbda873c9a55b0624b16d95ff366c94fce16805760cbbe700597bafd12af5667be5641e98dc1839681f1
SSDEEP

384:lCDC+S4iWcU4+LpfaIMecmE0g5K3ScUyVtdFtHT6a:8DhiWcURLp2ec7j5KxPtdFtHT7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18861801e5b71ff82e9a64ac66cbc09f54f0ea960f4f28c433ed4a5a19fe27e0_NeikiAnalytics.exe

Files

18861801e5b71ff82e9a64ac66cbc09f54f0ea960f4f28c433ed4a5a19fe27e0_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

c62ad4f61046c36463bc9b71be726127

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\lhc\3.2\Bin\Release\export_util.pdb

Imports

msvcr110

__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_calloc_crt
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__clean_type_info_names_internal
_unlock
_lock
?terminate@@YAXXZ
??2@YAPAXI@Z
getc
fclose
fseek
ftell
fwrite
ferror
_purecall
fread
??_V@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler3
fgets
??3@YAXPAX@Z
fflush
fscanf_s
memmove
feof
fputc
_wfopen_s
_initterm_e
memcpy

kernel32

EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId

msvcp110

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z

cximagecrtu

??0CxImage@@QAE@ABV0@_N11@Z
?Scanf@CxMemFile@@UAEHPBDPAX@Z
?GetS@CxMemFile@@UAEPADPADH@Z
?GetC@CxMemFile@@UAEHXZ
?PutC@CxMemFile@@UAE_NE@Z
?Error@CxMemFile@@UAEHXZ
?Eof@CxMemFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
??0CxImage@@QAE@I@Z
?Tell@CxMemFile@@UAEHXZ
?Seek@CxMemFile@@UAE_NHH@Z
?Write@CxMemFile@@UAEIPBXII@Z
?Read@CxMemFile@@UAEIPAXII@Z
?Close@CxMemFile@@UAE_NXZ
??1CxMemFile@@UAE@XZ
??0CxMemFile@@QAE@PAEI@Z
?DestroyFrames@CxImage@@QAE_NXZ
?Size@CxMemFile@@UAEHXZ
?Destroy@CxImage@@QAE_NXZ

mfc110u

ord324
ord1046
ord2311
ord2194
ord323
ord1045
ord2354
ord2357
ord2322
ord2356
ord484
ord2216
ord2320
ord2134
ord2248
ord2345
ord3791
ord1505

Exports

Exports

??0Cexport_util@@QAE@XZ
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4Cexport_util@@QAEAAV0@ABV0@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEHXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEHXZ
?GetExifInfo@CxImage@@QAEPAUtag_ExifInfo@@XZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPB_W0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEHPBDPAX@Z
?Seek@CxIOFile@@UAE_NHH@Z
?Size@CxIOFile@@UAEHXZ
?Tell@CxIOFile@@UAEHXZ
?Write@CxIOFile@@UAEIPBXII@Z
?__autoclassinit@CxIOFile@@QAEXI@Z
?__autoclassinit@CxImage@@QAEXI@Z
?__autoclassinit@CxMemFile@@QAEXI@Z
?fnexport_util@@YAHXZ
?nexport_util@@3HA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c62ad4f61046c36463bc9b71be726127

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr110

kernel32

msvcp110

cximagecrtu

mfc110u

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 2KB - Virtual size: 2KB