641772c935a9ffc4c1d5c18adc69dd95c9311ccca297f7a582e968b73fca1473_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

641772c935a9ffc4c1d5c18adc69dd95c9311ccca297f7a582e968b73fca1473_NeikiAnalytics.exe
Size

49KB
MD5

5220e3cf5d3824f1141d480a262b7870
SHA1

476ac2da3e7d66c4ef98a916d1b5b93c85b3b842
SHA256

641772c935a9ffc4c1d5c18adc69dd95c9311ccca297f7a582e968b73fca1473
SHA512

fb17463c48fc673a8183657974dc5b79e349fe574e5a04c16f779abd58db95f1528f18d230a61dfac21e39f7d7665f9da579913e32efd4c0f0e37536ff89d7f9
SSDEEP

768:ldxHuiyzEGcmeW2HySeSyyH+LMf74RCJY+e9y9M7o/RbmswIZ:X4iyzELP3+LMf7cCK+qy/bu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
641772c935a9ffc4c1d5c18adc69dd95c9311ccca297f7a582e968b73fca1473_NeikiAnalytics.exe

Files

641772c935a9ffc4c1d5c18adc69dd95c9311ccca297f7a582e968b73fca1473_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

3ec6ed8e1d311e4494e0be8055eb3a69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

gethostname

kernel32

RtlCaptureContext
GetModuleHandleW
Sleep
CloseHandle
DuplicateHandle
GetLastError
SetLastError
WaitForSingleObject
GetCurrentProcess
GetExitCodeProcess
CreateRemoteThread
OpenProcess
GetModuleHandleA
GetProcAddress
UnhandledExceptionFilter
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime

vcruntime140

__current_exception
__C_specific_handler
memmove
__current_exception_context
strchr
memset
memcpy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
ungetc
putc
getc
_set_fmode
__stdio_common_vfprintf
ftell
fseek
fputs
fputc
__p__commode
fopen
fgets
_getcwd
fflush
_open
_read
_close
feof
fclose
__stdio_common_vsscanf
__stdio_common_vsprintf
__stdio_common_vfscanf

api-ms-win-crt-runtime-l1-1-0

_exit
perror
_c_exit
_initterm_e
_initterm
_initialize_onexit_table
_get_initial_narrow_environment
_register_onexit_function
__p___argc
_cexit
_getpid
system
_errno
_crt_atexit
terminate
__p___argv
_initialize_narrow_environment
exit
_seh_filter_exe
_set_app_type
_register_thread_local_exe_atexit_callback
_configure_narrow_argv

api-ms-win-crt-filesystem-l1-1-0

_mkdir
_unlink
_access
_stat64i32

api-ms-win-crt-string-l1-1-0

tolower
isspace
strncpy
isdigit
islower
isupper
strncmp
strcmp
isprint

api-ms-win-crt-heap-l1-1-0

malloc
realloc
_set_new_mode
free
calloc

api-ms-win-crt-convert-l1-1-0

atof
atoi

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-process-l1-1-0

_execv

api-ms-win-crt-math-l1-1-0

log10
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ec6ed8e1d311e4494e0be8055eb3a69

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-process-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 32KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 176B

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 32KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 176B