7ef6dea3e67d98df19dbe3dbdf8141a34b46d9c47d40f5e120479cbee9553cfe_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7ef6dea3e67d98df19dbe3dbdf8141a34b46d9c47d40f5e120479cbee9553cfe_NeikiAnalytics.exe
Size

3.0MB
MD5

13bbf3530f356f61e0d3931929556420
SHA1

589007b4eb0f8af62ee237fe8f729355bedb4153
SHA256

7ef6dea3e67d98df19dbe3dbdf8141a34b46d9c47d40f5e120479cbee9553cfe
SHA512

cac5f0d709eedb23b9cf32debb196461aec6b14d03b4ac0a5d5faedb285926f390716d94484286e6c5335c241b7ff8db00133831d0d314ad4abc0f55d7b24da0
SSDEEP

49152:XVtW9ywV/cDSt5UxsLvWxyRxWc42xvR/WlJ4EAPLVNLGWLmxq6Hfyl2LVZNPwIBd:wcDSt5UxsLvWxyRxWc42xvR/WlJ4EAPF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ef6dea3e67d98df19dbe3dbdf8141a34b46d9c47d40f5e120479cbee9553cfe_NeikiAnalytics.exe

Files

7ef6dea3e67d98df19dbe3dbdf8141a34b46d9c47d40f5e120479cbee9553cfe_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

4b91b76742a6ba2da063220d98a85991

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.DirectX.Direct3DX.pdb

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
DeleteFileA
CloseHandle
ReadFile
CreateFileA
WriteFile
WideCharToMultiByte
GetVersionExA
OutputDebugStringA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
GetModuleHandleA
CompareStringA
FreeResource
SizeofResource
GetTempPathA
LoadResource
FindResourceA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileW
DeleteFileW
SetFilePointer
GetSystemInfo
IsProcessorFeaturePresent
EnterCriticalSection
InitializeCriticalSection
InterlockedCompareExchange
DeleteCriticalSection
LeaveCriticalSection
GetFullPathNameA
GetLastError
MultiByteToWideChar
VirtualFree
VirtualAlloc
lstrcmpiA
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
FreeLibrary
SetEndOfFile
HeapAlloc
GetProcessHeap
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTempFileNameA
SetLastError
InterlockedExchange
Sleep
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LockResource

mscoree

_CorDllMain

msvcrt

wcslen
atoi
isdigit
tolower
_purecall
_CIfmod
memmove
_stricmp
_CIasin
fclose
fwrite
_wfopen
__CxxFrameHandler
fread
floor
vsprintf
wcstombs
isalnum
isspace
atof
isalpha
isxdigit
_fpclass
_isnan
_CItanh
_CIsinh
_CIexp
_CIcosh
iswpunct
iswdigit
iswalpha
iswspace
modf
toupper
calloc
longjmp
_setjmp3
sscanf
frexp
_strdate
_strtime
ldexp
rand
_ultoa
atol
_except_handler3
exit
fseek
tmpfile
?terminate@@YAXXZ
strncpy
wcsncpy
_CIpow
_snprintf
_vsnprintf
ceil
_controlfp
qsort
_ftol
_finite
_CIacos
realloc
setlocale
_strdup
_adjust_fdiv
malloc
_initterm
free
memcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
strchr
_CIsqrt
sprintf

user32

ReleaseDC
GetDC

gdi32

CreateFontIndirectA
GetObjectA
GetCurrentObject
MoveToEx
ExtTextOutA
GetOutlineTextMetricsA
GetGlyphOutlineA
GetGlyphOutlineW
GetTextMetricsA
ExtTextOutW
CreateCompatibleDC
SetMapMode
SetTextAlign
CreateFontIndirectW
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
DeleteDC
CreateDIBSection
GetObjectW
GetDeviceCaps
DeleteObject
SelectObject

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b91b76742a6ba2da063220d98a85991

Headers

File Characteristics

PDB Paths

Imports

kernel32

mscoree

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 107KB - Virtual size: 360KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512KB - Virtual size: 516KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 107KB - Virtual size: 360KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512KB - Virtual size: 516KB