Static task
static1
Behavioral task
behavioral1
Sample
384693679c1efbce0c3e4db28a43c298b1ec393c2fb7a15aaf28dd193b224213_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
384693679c1efbce0c3e4db28a43c298b1ec393c2fb7a15aaf28dd193b224213_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
Target: 384693679c1efbce0c3e4db28a43c298b1ec393c2fb7a15aaf28dd193b224213_NeikiAnalytics.exe
Size: 157KB
MD5: c476788e13a188d384da5b14626fd730
SHA1: 598a2cda0c499921baf48416aa4e795037c9fcf5
SHA256: 384693679c1efbce0c3e4db28a43c298b1ec393c2fb7a15aaf28dd193b224213
SHA512: 67431db3846ec6973acd633d7cbc4ee0ce4dce877abcbfdb301343b77dbe1b85fb1ce31ef18f1e0d6736a5f1cd9854cd4c910881c43680b9b005712060c46d6c
SSDEEP: 3072:F/+qnCotAdhsfVn/FzuqH8sTbUSDyAmSghpnEdXxCEgj5:9fCuAAfusTbBDyAmSmnqhD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 384693679c1efbce0c3e4db28a43c298b1ec393c2fb7a15aaf28dd193b224213_NeikiAnalytics.exe
Files
384693679c1efbce0c3e4db28a43c298b1ec393c2fb7a15aaf28dd193b224213_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
8c30d19a3345e533340e5ba82ea20485
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
strtoul
_stricmp
__p___initenv
exit
rand
__getmainargs
srand
_strnicmp
_XcptFilter
_exit
_adjust_fdiv
_initterm
__setusermatherr
__set_app_type
__p__commode
__p__fmode
_except_handler3
_controlfp
wcscat
wcscpy
time
printf
vsprintf
fprintf
_iob
wcslen
strncpy
sprintf
iswdigit
advapi32
SystemFunction001
CryptGenRandom
GetSidLengthRequired
RegSetValueExA
SystemFunction027
SystemFunction025
RegOpenKeyExA
RegGetKeySecurity
CryptAcquireContextW
InitiateSystemShutdownA
AbortSystemShutdownA
RegQueryValueExA
GetSecurityDescriptorDacl
AllocateAndInitializeSid
RegConnectRegistryW
RegQueryValueExW
SystemFunction007
FreeSid
RegCloseKey
RegSetKeySecurity
EqualSid
GetAce
GetAclInformation
kernel32
CloseHandle
lstrcatA
CreateMailslotA
GetFileSize
WriteFile
CreateFileW
GetSystemTimeAsFileTime
FlushFileBuffers
LocalAlloc
LocalFree
GetTickCount
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
GetOverlappedResult
WaitForMultipleObjects
WaitForSingleObject
GetLastError
ReadFile
DeleteCriticalSection
SetEvent
CreateThread
CreateEventW
SetMailslotInfo
GetComputerNameW
InitializeCriticalSection
lstrlenA
lstrcpyA
MultiByteToWideChar
cryptdll
CDLocateCheckSum
ntdsapi
DsBindW
DsUnBindW
DsFreeDomainControllerInfoW
DsGetDomainControllerInfoW
netapi32
DsGetSiteNameA
I_NetLogonControl2
DsGetDcSiteCoverageA
NetApiBufferFree
DsEnumerateDomainTrustsA
I_NetServerReqChallenge
I_NetServerAuthenticate
I_NetDatabaseSync
I_NetLogonControl
I_NetGetDCList
DsGetDcNameWithAccountA
NetApiBufferAllocate
DsGetDcNameW
NetLogonGetTimeServiceParentDomain
NetGetDCName
DsDeregisterDnsHostRecordsA
I_NetNameCompare
rpcrt4
UuidFromStringA
RpcStringFreeA
UuidToStringA
ws2_32
htonl
ntohs
ntdll
RtlConvertSidToUnicodeString
RtlFreeUnicodeString
NlsMbCodePageTag
RtlxAnsiStringToUnicodeSize
RtlAnsiStringToUnicodeString
RtlxUnicodeStringToOemSize
RtlUpcaseUnicodeStringToOemString
RtlInitString
NlsMbOemCodePageTag
RtlOemStringToUnicodeString
memmove
strncmp
RtlInitUnicodeString
RtlTimeToSecondsSince1970
RtlLengthSid
RtlCompareMemory
RtlSystemTimeToLocalTime
RtlTimeToTimeFields
RtlInitAnsiString
Sections
.text Size: 126KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ