1e5979990306305edd6ec282fe9eee22527ccfc88c4ac3ef0c6e3a4d96c28a21_NeikiAnalytics[.]exe

General

Target

1e5979990306305edd6ec282fe9eee22527ccfc88c4ac3ef0c6e3a4d96c28a21_NeikiAnalytics.exe
Size

92KB
MD5

dc7cbce978031afd193a91d78db36df0
SHA1

4a85fcb48b9e445bfd0528532b92578008e2beed
SHA256

1e5979990306305edd6ec282fe9eee22527ccfc88c4ac3ef0c6e3a4d96c28a21
SHA512

48c8a971b0fdefcfe614823b9998b995143a7392c03a9a8576047e585ddb09f434f2af2bc3557c9bab7ba64213a59ec7d1bbba1c5bcab5fbca9644d9847e40ba
SSDEEP

1536:XeR0YnOfrmebkcly1uKJpXIkSig0nRUhMLIgNSB6X9SH0lS0o/qkZZE6lRJIYD:XvYnOfrmfcly1u6XwwnGhNaSgtSH0oz5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e5979990306305edd6ec282fe9eee22527ccfc88c4ac3ef0c6e3a4d96c28a21_NeikiAnalytics.exe

Files

1e5979990306305edd6ec282fe9eee22527ccfc88c4ac3ef0c6e3a4d96c28a21_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

2f301468f2c59b7264b2a8819f12031d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW

advapi32

CloseServiceHandle
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetServiceStatus
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegisterEventSourceW
CreateServiceW
OpenSCManagerW
DeleteService
QueryServiceStatus
ControlService
OpenServiceW
QueryServiceConfigW
RegEnumKeyExW
DeregisterEventSource
ReportEventW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
VariantClear
SysFreeString
GetErrorInfo

kernel32

lstrlenW
LocalFree
GetVersionExW
GetComputerNameW
FormatMessageW
FreeLibrary
Sleep
OutputDebugStringW
LoadLibraryW
GetProcAddress
GetLastError

msvcrt

wcsncpy
wcsncat
memset
wcscmp
__set_app_type
__p__fmode
_except_handler3
_adjust_fdiv
_onexit
__dllonexit
wprintf
_wtoi
_wcsicmp
wcscat
wcscpy
wcslen
_ultow
_controlfp
swprintf
div
__setusermatherr
_exit
_itow
__p__commode
free
malloc
wcschr
_XcptFilter
exit
__p___winitenv
__wgetmainargs
_initterm

netapi32

NetApiBufferFree
NetGetAnyDCName

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f301468f2c59b7264b2a8819f12031d

Headers

File Characteristics

Imports

user32

advapi32

ole32

oleaut32

kernel32

msvcrt

netapi32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 17KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 17KB

.rsrc
Size: 32KB - Virtual size: 32KB