43293ea06240e64851b2fe2f1ba310ba836fc41e4160f4c33ad8ec49025904cf_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

43293ea06240e64851b2fe2f1ba310ba836fc41e4160f4c33ad8ec49025904cf_NeikiAnalytics.exe
Size

31KB
MD5

b15be2e0f49ae60fc41e524be2a0a100
SHA1

9424b9d2b51f25975dcfe5be7cd17c4c9e0a7de9
SHA256

43293ea06240e64851b2fe2f1ba310ba836fc41e4160f4c33ad8ec49025904cf
SHA512

d3ff2daab8427b96a1ef069887f61a6a4d7c16a88a9cb52c81feb265afb3ef7c92cba20089484117ef2fa66a454c1d7064851b5aee8b07034fac5626d3d88db9
SSDEEP

768:UjGmrD9KtzlV0d/7wIJ2kyOi98d5l4jh5rMKVyX:YGmrDQRv0d8Uu447gX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43293ea06240e64851b2fe2f1ba310ba836fc41e4160f4c33ad8ec49025904cf_NeikiAnalytics.exe

Files

43293ea06240e64851b2fe2f1ba310ba836fc41e4160f4c33ad8ec49025904cf_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

1e3045f6e9781b4ae408efd34c79fd1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\builds\moz2_slave\tb-try-c-cen-w32-0000000000000\build\objdir-tb\media\libcubeb\tests\test_tone.pdb

Imports

kernel32

Sleep
VerSetConditionMask
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventA
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
SetThreadPriority
VerifyVersionInfoA
ResetEvent
FreeLibrary
GetProcAddress
WaitForMultipleObjects
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer

user32

GetSystemMetrics

winmm

waveOutUnprepareHeader
waveOutRestart
waveOutWrite
waveOutPrepareHeader
waveOutGetPosition
waveOutOpen
waveOutGetDevCapsA
waveOutReset
waveOutPause
waveOutClose

ole32

CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoUninitialize

msvcr120

__getmainargs
_except_handler4_common
_controlfp_s
_invoke_watson
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtSetUnhandledExceptionFilter
__iob_func
fprintf
printf
?terminate@@YAXXZ
__crtTerminateProcess
_wassert
_CIsin
__crtUnhandledException
_crt_debugger_hook
_commode
abort
memset
_purecall
_fmode
ceil
memcpy
__initenv
floor
_initterm
_initterm_e
_XcptFilter
_amsg_exit
_beginthreadex
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr

mozglue

malloc
?sse2_enabled@sse_private@mozilla@@3_NA
calloc
_aligned_free
_aligned_malloc
moz_xmalloc
realloc
?sse_enabled@sse_private@mozilla@@3_NA
free

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e3045f6e9781b4ae408efd34c79fd1e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

winmm

ole32

msvcr120

mozglue

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 924B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 924B

.reloc
Size: 1KB - Virtual size: 1KB