67f04b56dd2c19ad24a8f1cd46ba280dc35f28c7cf36161c7855acea95d425ce_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

67f04b56dd2c19ad24a8f1cd46ba280dc35f28c7cf36161c7855acea95d425ce_NeikiAnalytics.exe
Size

102KB
MD5

e41c5e88fdd0b1b43e79d82b7a7686d0
SHA1

8f0d2d9c2a77e6aaefe593c298f89bd13891246b
SHA256

67f04b56dd2c19ad24a8f1cd46ba280dc35f28c7cf36161c7855acea95d425ce
SHA512

066e49730b8488427fabad06366f9b4cd6ac3fcc92b122271b3126115dd0b466e170baff883d41bf4a99bcd4b064ca760c0574291aedd1323a16f2eff0062a57
SSDEEP

1536:u83SA4T5oIFsaRMbrViq5bKhssB/xP6dBFZMW89420I+IiLP5P4Ya:wA4TzqRbXK/Z6dHuW8C1LIiLP5PTa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67f04b56dd2c19ad24a8f1cd46ba280dc35f28c7cf36161c7855acea95d425ce_NeikiAnalytics.exe

Files

67f04b56dd2c19ad24a8f1cd46ba280dc35f28c7cf36161c7855acea95d425ce_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

8cd949582b3dcc0b5bb3458017b60717

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\xw0012810\Downloads\Python-3.9.17\Python-3.9.17\PCbuild\win32\_ctypes.pdb

Imports

libffi-7

ffi_prep_cif
ffi_call
ffi_prep_closure

ole32

ProgIDFromCLSID

oleaut32

SysAllocStringLen
SysFreeString
GetErrorInfo
SysStringLen

kernel32

TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetProcAddress
SetLastError
GetLastError
DisableThreadLibraryCalls
FormatMessageW
LocalFree
FreeLibrary
LoadLibraryExW
VirtualAlloc
GetSystemInfo
InitializeSListHead
UnhandledExceptionFilter

python39

PyExc_AttributeError
PyTuple_GetSlice
PyUnicode_New
PyUnicode_FromWideChar
_Py_CheckFunctionResult
PyErr_SetString
_PyObject_LookupAttrId
PyExc_ValueError
PyDict_Next
PyErr_Format
PyDict_Type
PyModule_AddStringConstant
PyType_IsSubtype
PyExc_OverflowError
_Py_Dealloc
PyLong_AsUnsignedLongMask
PyTuple_GetItem
PySequence_GetSlice
PyDescr_NewGetSet
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObject
PySequence_SetItem
_PyArg_ParseTuple_SizeT
PyObject_CallFunctionObjArgs
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
PySys_Audit
PyList_New
PyModule_Create2
PyType_Ready
PyObject_GetAttrString
PyErr_NewException
PyErr_Clear
_PyDict_GetItemIdWithError
PyObject_GenericSetAttr
PyDict_SetItem
PyDict_New
_PyLong_Sign
PyObject_VectorcallMethod
PyObject_IsInstance
_PyLong_Zero
PyMem_Free
PyLong_FromVoidPtr
PyUnicode_AsWideChar
PyErr_NoMemory
PyLong_AsVoidPtr
PyObject_CallObject
PyIndex_Check
PyBytes_FromStringAndSize
PyDict_DelItem
PyNumber_AsSsize_t
_PyObject_MakeTpCall
PyObject_IsSubclass
_PyWeakref_ProxyType
PyExc_TypeError
_Py_NoneStruct
PyCallable_Check
PyMem_Malloc
PyExc_IndexError
Py_EnterRecursiveCall
PyArg_UnpackTuple
PyBuffer_Release
PyType_Type
PySequence_Tuple
PyEval_RestoreThread
PyUnicode_FromStringAndSize
PyImport_ImportModuleNoBlock
PyErr_WarnEx
PyExc_RuntimeWarning
PyOS_vsnprintf
PyObject_GC_UnTrack
PySys_GetObject
PyGILState_Release
PyErr_WriteUnraisable
Py_Initialize
PyObject_GC_Del
PyLong_AsLong
Py_IsInitialized
PyFile_WriteString
PyObject_GC_Track
PyGILState_Ensure
_PyObject_GC_NewVar
PyMemoryView_FromObject
PyMem_Calloc
PyErr_SetObject
PyLong_AsUnsignedLong
PyCapsule_IsValid
PyBytes_AsString
PyErr_NormalizeException
_PyUnicode_AsUnicode
PyUnicode_AppendAndDel
Py_BuildValue
PyErr_SetFromWindowsErr
PyUnicode_FromFormatV
PyFloat_FromDouble
PyObject_CallFunction
PyTuple_Type
PyObject_Free
PyCapsule_GetPointer
PyErr_Fetch
PyUnicode_AsWideCharString
_PyObject_GetAttrId
PyThreadState_GetDict
PyCapsule_New
PyUnicode_Type
_PyTraceback_Add
_PyUnicode_IsPrintable
PyExc_OSError
_PyObject_New
PyMem_Realloc
PyObject_Str
PyExc_FileNotFoundError
PyUnicode_FromString
PyObject_Call
PyArg_ParseTuple
PyBool_FromLong
_PyFloat_Pack4
PyLong_FromUnsignedLongLong
_PyFloat_Unpack4
PyFloat_AsDouble
PyLong_FromLongLong
PyLong_FromUnsignedLong
PyLong_AsUnsignedLongLongMask
PyFloat_Type
_PyFloat_Unpack8
PyObject_IsTrue
_PyByteArray_empty_string
_PyFloat_Pack8
PyByteArray_Type
PyObject_GetAttr
PySequence_Fast
PyTuple_Size
_PyDict_SizeOf
_PyLong_AsInt
PyDict_SetItemString
PyDict_GetItemWithError
_PyDict_SetItemId
_PyErr_WriteUnraisableMsg
PyBuffer_IsContiguous
PyUnicode_Concat
PySlice_Unpack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
_PyWeakref_CallableProxyType
_PyUnicode_EqualToASCIIString
PyLong_FromSsize_t
PyWeakref_NewProxy
PyErr_Occurred
PyDict_Update
PySequence_GetItem
PySlice_Type
Py_LeaveRecursiveCall
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew
_PyObject_SetAttrId
_PyObject_CallFunction_SizeT
_Py_BuildValue_SizeT
PyExc_Exception
PySlice_AdjustIndices
PyThreadState_Get
PyDescr_NewClassMethod
PyUnicode_InternFromString
PyObject_SetAttr
PySequence_Size
Py_GenericAlias
PyErr_Print
PyTuple_New
PyTuple_Pack

vcruntime140

memset
strchr
memcpy
_except_handler4_common
__std_type_info_destroy_list
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
terminate
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table
_errno

api-ms-win-crt-string-l1-1-0

iswctype

Exports

Exports

DllCanUnloadNow
DllGetClassObject
PyInit__ctypes

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cd949582b3dcc0b5bb3458017b60717

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libffi-7

ole32

oleaut32

kernel32

python39

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 7KB - Virtual size: 7KB