24c734f1410dc728da2437992b9489ca8c861db3f697c15076e68072f246ac63_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

24c734f1410dc728da2437992b9489ca8c861db3f697c15076e68072f246ac63_NeikiAnalytics.exe
Size

351KB
MD5

fe00810e09a61d2be0235a9d69870790
SHA1

940841958601031c80e74c044ed2e90c120bcb48
SHA256

24c734f1410dc728da2437992b9489ca8c861db3f697c15076e68072f246ac63
SHA512

83aefb8b0374d64111067768d7a3be1ea7d947bee18491e8e462372675c07012b96240420ea426b3530388c10c0fa2137ada0bde0177c7d8586e0dcefc29552c
SSDEEP

6144:HTZ5tCToFdXpFDXgYziVx51Bmcf1RtMJWTcS5LLGF4BD8R4R5dUnpkAOrcWqW1o7:WoboVOQvtM0TcS5LLG+5xAOrQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24c734f1410dc728da2437992b9489ca8c861db3f697c15076e68072f246ac63_NeikiAnalytics.exe

Files

24c734f1410dc728da2437992b9489ca8c861db3f697c15076e68072f246ac63_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

cb7f7ac76c1f135ff097568f049d8a18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bcrypt

BCryptGenRandom

advapi32

AdjustTokenPrivileges
SystemFunction036
LookupPrivilegeValueA
OpenProcessToken

kernel32

VirtualAlloc
VirtualFree
VirtualQuery
GetCurrentProcessorNumber
GetProcessTimes
GetNumaHighestNodeNumber
QueryPerformanceFrequency
GetNumaNodeProcessorMask
WriteConsoleA
GetConsoleScreenBufferInfo
GetSystemInfo
QueryPerformanceCounter
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
FlsFree
FlsSetValue
FlsAlloc
WriteFile
GetEnvironmentVariableA
ReleaseSRWLockShared
AcquireSRWLockShared
RtlCaptureContext
GetCurrentThread
GetCurrentDirectoryW
GetEnvironmentVariableW
SetLastError
FormatMessageW
GetModuleHandleW
ReleaseMutex
CreateMutexA
GetCurrentProcessId
GetCurrentProcess
LoadLibraryA
WaitForSingleObjectEx
WriteConsoleW
MultiByteToWideChar
InitializeSListHead
WaitForSingleObject
IsDebuggerPresent
GetConsoleMode
GetStdHandle
TlsFree
InitOnceComplete
TlsAlloc
InitOnceBeginInitialize
GetModuleHandleA
CloseHandle
GetLastError
GetProcAddress
GetModuleHandleExW
TlsSetValue
TlsGetValue
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FreeLibrary
GetLargePageMinimum
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentThreadId

ntdll

NtWriteFile
RtlNtStatusToDosError

vcruntime140

_CxxThrowException
strstr
__CxxFrameHandler3
memmove
_except_handler4_common
memcpy
memcmp
memset
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-runtime-l1-1-0

_initterm
_errno
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fputs
__acrt_iob_func

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

napi_register_module_v1

Sections

.text
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb7f7ac76c1f135ff097568f049d8a18

Headers

DLL Characteristics

File Characteristics

Imports

bcrypt

advapi32

kernel32

ntdll

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 283KB - Virtual size: 283KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 4KB - Virtual size: 42KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 283KB - Virtual size: 283KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 4KB - Virtual size: 42KB

.reloc
Size: 12KB - Virtual size: 11KB