8417b38ef943e99fc536abe7347de725fe5a94bbf436c40dfd65636d51745595_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8417b38ef943e99fc536abe7347de725fe5a94bbf436c40dfd65636d51745595_NeikiAnalytics.exe
Size

1.4MB
MD5

a7318dee96d7f7d493e616b3b711f5d0
SHA1

dc6039e67f18a388cea04082e7a988e10db12cd3
SHA256

8417b38ef943e99fc536abe7347de725fe5a94bbf436c40dfd65636d51745595
SHA512

a7868dcf8e3c2cbbe8b2fba8afcbb36b23278971cecb47cc1eb942787b46aecf8ae4881bbab8da8a829e1e81b53e7ca59fc02d46ca1b7c6edfc2aae8ec36f6f7
SSDEEP

12288:jzl0voOzcqxXml2rP2ExwNqUNjg/V64/eQVyXjZ0PMeIj6UOr:jOACVxXmlFExwkUsdGQJ0eIhO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8417b38ef943e99fc536abe7347de725fe5a94bbf436c40dfd65636d51745595_NeikiAnalytics.exe

Files

8417b38ef943e99fc536abe7347de725fe5a94bbf436c40dfd65636d51745595_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

558f98737cca1d935b0b4533376c2690

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcp140

_Mtx_init_in_situ
_Mtx_destroy_in_situ
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z

python38

PyThread_tss_alloc
PyThreadState_DeleteCurrent
PyExc_TypeError
PyThreadState_Clear
PyCFunction_NewEx
PyCapsule_Type
PyEval_GetBuiltins
PyDict_Copy
PyList_Append
PyUnicode_AsUTF8String
PyModule_Type
PyExc_IndexError
_Py_TrueStruct
PyExc_SystemError
PyObject_SetItem
PyDict_DelItemString
PyUnicode_FromString
PyEval_AcquireThread
_PyType_Lookup
PyGILState_GetThisThreadState
PyBuffer_Release
PyObject_Repr
PyNumber_Float
PyType_Type
PySequence_Tuple
_PyObject_GetDictPtr
PySequence_Size
PyImport_ImportModule
PySequence_GetItem
Py_GetVersion
PyExc_AttributeError
PyModule_Create2
PySequence_Check
PyExc_ImportError
PyEval_RestoreThread
PyLong_FromLongLong
PyNumber_Long
PyErr_Clear
PyObject_GetAttrString
PyType_Ready
PyNumber_Check
PyObject_GetBuffer
PyUnicode_FromFormat
PyObject_ClearWeakRefs
PyLong_AsLong
PyErr_Fetch
PyCapsule_GetPointer
PyErr_ExceptionMatches
PyTuple_GetItem
_Py_Dealloc
PyErr_Restore
PyType_IsSubtype
PyMethod_Type
PyFloat_Type
_Py_FalseStruct
PyThreadState_New
PyErr_Format
PyDict_Next
PyExc_ValueError
PyErr_SetString
PyList_Size
PyFloat_FromDouble
PyDict_Size
PyTuple_New
PyLong_AsLongLong
_Py_NoneStruct
PyBytes_AsStringAndSize
PyLong_AsUnsignedLongLong
PyFloat_AsDouble
PyFrame_GetLineNumber
PyCapsule_GetContext
PyLong_FromUnsignedLongLong
PyExc_MemoryError
PyInstanceMethod_Type
PyObject_SetAttrString
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyEval_SaveThread
PyUnicode_DecodeUTF8
PyErr_Occurred
PyErr_NormalizeException
PyCapsule_SetContext
_Py_NotImplementedStruct
PyBytes_AsString
PyProperty_Type
PyObject_Malloc
PyObject_HasAttrString
PyEval_InitThreads
PyObject_CallObject
PyObject_GetItem
PyDict_GetItemString
PyLong_AsUnsignedLong
PyThread_tss_set
PyTuple_SetItem
PyMem_Free
PyObject_IsInstance
PyInstanceMethod_New
PyList_GetItem
PyDict_New
PyBytes_Size
PyCapsule_GetName
PyCapsule_New
PyException_SetTraceback
PyThread_tss_get
PyThreadState_Get
PyList_New
PyTuple_Size
PyWeakref_NewRef
PyCFunction_Type
PyObject_SetAttr
PyExc_BufferError
PyMem_Calloc
PyBaseObject_Type
PyUnicode_AsEncodedString
PyThread_tss_create
PyObject_Str

kernel32

CloseHandle
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
__std_exception_copy
_purecall
__std_type_info_name
__std_terminate
__RTtypeid
__std_type_info_destroy_list
__current_exception
__current_exception_context
__C_specific_handler
_CxxThrowException
memmove
memcpy
memcmp
memset
memchr
__RTCastToVoid

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate

api-ms-win-crt-string-l1-1-0

strncmp
_strdup
strcmp

api-ms-win-crt-math-l1-1-0

pow
ceilf

Exports

Exports

PyInit_superagg

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

558f98737cca1d935b0b4533376c2690

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

python38

kernel32

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 193KB - Virtual size: 192KB

.data Size: 20KB - Virtual size: 22KB

.pdata Size: 45KB - Virtual size: 44KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 193KB - Virtual size: 192KB

.data
Size: 20KB - Virtual size: 22KB

.pdata
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 4KB - Virtual size: 3KB