4e4a2c498780ec53e26c4e7732836e07f98e5c72b1a4cfc84a71ce7c2774c53b_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4e4a2c498780ec53e26c4e7732836e07f98e5c72b1a4cfc84a71ce7c2774c53b_NeikiAnalytics.exe
Size

207KB
MD5

42403e732dfde5c0d7f7feb3c57ed6e0
SHA1

d56fc0373f8824f26ade846f53ae146f06a33ba8
SHA256

4e4a2c498780ec53e26c4e7732836e07f98e5c72b1a4cfc84a71ce7c2774c53b
SHA512

dceab1722713b391c69e0229231eb728f20b92b8225db6108a6158b0813fae538dcf08a1ed4636bb5fe1d5c1be27904762a00affe4162a87248be403f1420018
SSDEEP

6144:fBWDx8SrD9eDmu2tgw9mm1HJYZ0OoSoo:5WWKD9JuATmm1pYM9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e4a2c498780ec53e26c4e7732836e07f98e5c72b1a4cfc84a71ce7c2774c53b_NeikiAnalytics.exe

Files

4e4a2c498780ec53e26c4e7732836e07f98e5c72b1a4cfc84a71ce7c2774c53b_NeikiAnalytics.exe
.exe windows:4 windows x64 arch:x64

8606c45522a3714752063b1aeb7855b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
GetCommandLineW
GetCurrentThreadId
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
SetDllDirectoryA
SetEvent
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler

api-ms-win-crt-convert-l1-1-0

mbrtowc
strtol
strtoll
wcrtomb

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
_wgetenv

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-math-l1-1-0

__setusermatherr
log10

api-ms-win-crt-private-l1-1-0

memcpy
strchr
strrchr
strstr

api-ms-win-crt-runtime-l1-1-0

_set_app_type
__p___argc
__p___argv
__p___wargv
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_invalid_parameter_handler
abort
exit
signal
strerror

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
_wfopen
fflush
fopen
fputc
fputs
fwrite
getchar
_write
_open
_close

api-ms-win-crt-string-l1-1-0

memset
strcmp
strcspn
strlen
strncmp
strtok
wcscat
wcscpy
wcslen

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_localtime64
_time64
_tzset

api-ms-win-crt-utility-l1-1-0

qsort

shell32

CommandLineToArgvW

avcodec-61

av_bsf_get_by_name
av_bsf_iterate
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_get_bits_per_sample
av_packet_alloc
av_packet_free
av_packet_get_side_data
av_packet_side_data_name
av_packet_unpack_dictionary
av_packet_unref
avcodec_alloc_context3
avcodec_configuration
avcodec_decode_subtitle2
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_class
avcodec_get_hw_config
avcodec_open2
avcodec_parameters_to_context
avcodec_profile_name
avcodec_receive_frame
avcodec_send_packet
avcodec_version
avsubtitle_free

avdevice-61

av_input_audio_device_next
av_input_video_device_next
av_output_audio_device_next
av_output_video_device_next
avdevice_configuration
avdevice_free_list_devices
avdevice_list_input_sources
avdevice_list_output_sinks
avdevice_register_all
avdevice_version

avfilter-10

av_filter_iterate
avfilter_configuration
avfilter_filter_pad_count
avfilter_get_by_name
avfilter_pad_get_name
avfilter_pad_get_type
avfilter_version

avformat-61

av_demuxer_iterate
av_disposition_to_string
av_dump_format
av_find_input_format
av_guess_format
av_guess_sample_aspect_ratio
av_muxer_iterate
av_read_frame
avformat_alloc_context
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_get_class
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_open_input
avformat_seek_file
avformat_stream_group_name
avformat_version
avio_close
avio_closep
avio_enum_protocols
avio_flush
avio_open
avio_protocol_get_class
avio_read_to_bprint
avio_size
avio_vprintf
avio_w8
avio_write

avutil-59

av_bprint_append_data
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_init
av_bprintf
av_buffer_allocz
av_calloc
av_channel_description
av_channel_layout_describe
av_channel_layout_index_from_channel
av_channel_layout_standard
av_channel_name
av_chroma_location_name
av_color_primaries_name
av_color_range_name
av_color_space_name
av_color_transfer_name
av_cpu_force_count
av_default_item_name
av_dict_copy
av_dict_free
av_dict_get
av_dict_iterate
av_dict_parse_string
av_dict_set
av_display_rotation_get
av_dynarray_add_nofree
av_force_cpu_flags
av_fourcc_make_string
av_frame_alloc
av_frame_free
av_frame_side_data_name
av_free
av_freep
av_get_bits_per_pixel
av_get_cpu_flags
av_get_known_color_name
av_get_media_type_string
av_get_picture_type_char
av_get_pix_fmt_name
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_token
av_hash_alloc
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_init
av_hash_names
av_hash_update
av_hwdevice_get_type_name
av_log
av_log_default_callback
av_log_format_line
av_log_get_flags
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_malloc_array
av_mallocz
av_match_name
av_max_alloc
av_opt_child_class_iterate
av_opt_eval_int
av_opt_find
av_opt_free
av_opt_get
av_opt_get_key_value
av_opt_next
av_opt_set
av_opt_set_defaults
av_opt_show2
av_parse_cpu_caps
av_parse_time
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_realloc_array
av_reallocp_array
av_reduce
av_rescale_q
av_spherical_projection_name
av_spherical_tile_bounds
av_stereo3d_type_name
av_strcasecmp
av_strdup
av_strerror
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
av_strtod
av_strtok
av_timecode_make_mpeg_tc_string
av_timecode_make_smpte_tc_string2
av_ts_make_time_string2
av_utf8_decode
avutil_configuration
avutil_version

postproc-58

postproc_configuration
postproc_version

swresample-5

swr_get_class
swresample_configuration
swresample_version

swscale-8

sws_get_class
sws_isSupportedInput
sws_isSupportedOutput
swscale_configuration
swscale_version

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8606c45522a3714752063b1aeb7855b9

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

shell32

avcodec-61

avdevice-61

avfilter-10

avformat-61

avutil-59

postproc-58

swresample-5

swscale-8

Sections

.text Size: 133KB - Virtual size: 132KB

.data Size: 8KB - Virtual size: 7KB

.rdata Size: 39KB - Virtual size: 39KB

.pdata Size: 4KB - Virtual size: 3KB

.xdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 3KB

.edata Size: 512B - Virtual size: 54B

.idata Size: 13KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 584B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 133KB - Virtual size: 132KB

.data
Size: 8KB - Virtual size: 7KB

.rdata
Size: 39KB - Virtual size: 39KB

.pdata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 54B

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 584B

.reloc
Size: 1KB - Virtual size: 1KB