52974a33d63e3ddccb3bda671abe09bc7df3b1e3d3ec467b31cb488ee362153f_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

52974a33d63e3ddccb3bda671abe09bc7df3b1e3d3ec467b31cb488ee362153f_NeikiAnalytics.exe
Size

31KB
MD5

a7ed5880db452cd4437f79522c316c90
SHA1

51b08b04f6a2cf5ddc5c379ecc05909c36d7f6b8
SHA256

52974a33d63e3ddccb3bda671abe09bc7df3b1e3d3ec467b31cb488ee362153f
SHA512

7439dcb8a6a529c6b57779cdbeb2fd8a736ac7ee5aa7b4a028b0fa477fde42acc947d795c72f6a33345892c98d5cad9723104d8fd5715971ea74367396e1b10d
SSDEEP

768:oz4ulqLwkn+Vo+ajK4oO+lt35upGbY2L7/OAqsNJ:AM3soZ244t3wprATe4J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52974a33d63e3ddccb3bda671abe09bc7df3b1e3d3ec467b31cb488ee362153f_NeikiAnalytics.exe

Files

52974a33d63e3ddccb3bda671abe09bc7df3b1e3d3ec467b31cb488ee362153f_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

7214de812572237c298c7967b52ada49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
CloseHandle
ReadFile
GetFileSizeEx
CreateFileW
CreateThread
GetProcAddress
GetModuleHandleA
GetCurrentThread
OpenProcess
ExitProcess
VirtualAllocEx
VirtualQueryEx
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
InterlockedExchange
SetLastError
VirtualAlloc
SuspendThread
GetLastError
VirtualFree
GetThreadContext
SetThreadContext
GetCurrentProcess
FlushInstructionCache
ResumeThread
VirtualProtect
VirtualQuery
InterlockedCompareExchange
GetCurrentThreadId

ole32

CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
SysFreeString

msvcr90

_onexit
_lock
__dllonexit
__clean_type_info_names_internal
_crt_debugger_hook
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??2@YAPAXI@Z
??3@YAXPAX@Z
strlen
memset
swscanf
wcsstr
memcpy
malloc
_unlock

Exports

Exports

DetourFinishHelperProcess
DrawPrimitive2Hook
DrawPrimitive3Hook
IsXInputDevice
LoadBinary
ReleaseAllHooks
SetDrawPrimitive2HookParameters
SetDrawPrimitive3HookParameters
copyData2Surface
sethook
sigscan
surfaceCopy
unhook

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7214de812572237c298c7967b52ada49

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

msvcr90

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 984B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 984B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB