8bb9dbc5c6d299e3d838db0d4064d2ddfa6975badf9fedc074da74f76b61cddc_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8bb9dbc5c6d299e3d838db0d4064d2ddfa6975badf9fedc074da74f76b61cddc_NeikiAnalytics.exe
Size

103KB
MD5

35c63dcf201669286945575593d24ec0
SHA1

fec01ab8b6eb3befff7b65d55540e65a566997ba
SHA256

8bb9dbc5c6d299e3d838db0d4064d2ddfa6975badf9fedc074da74f76b61cddc
SHA512

2809ffb2c852064bf1b9a0c5329e22b6f2566a4cf0d60d868b3c7bd0cb5ff69ca7c0146e339477faa07b7733630af9aa2cb7c0ed46d4d710eb24bd3d60f282e9
SSDEEP

1536:fWbHRjrSs0yF+/NVw0sxMa8IUzddT+xKY34bo38wrkSnaYyHB7lnBJXpCB:fKHlrlwsxMWYSxadwoxHBhnLXpCB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bb9dbc5c6d299e3d838db0d4064d2ddfa6975badf9fedc074da74f76b61cddc_NeikiAnalytics.exe

Files

8bb9dbc5c6d299e3d838db0d4064d2ddfa6975badf9fedc074da74f76b61cddc_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

a9efdd3260ada1aa9c3f265ab9921f65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
HeapFree
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
HeapDestroy
LeaveCriticalSection
HeapCreate
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
SetEvent
Sleep
CreateEventA
GetLastError
CloseHandle
GetCurrentThreadId
SwitchToThread
SetLastError
WideCharToMultiByte
lstrlenW
InterlockedExchange
ResetEvent
CreateEventW
CancelIo
TryEnterCriticalSection
SetWaitableTimer
CreateWaitableTimerW
CancelWaitableTimer
WaitForMultipleObjects
InitializeCriticalSection
IsBadWritePtr
HeapAlloc
CreateThread
FlushFileBuffers
CreateFileW
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
VirtualAlloc
ExitProcess
VirtualFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitThread
DecodePointer
EncodePointer
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
WriteFile
GetStdHandle
GetModuleFileNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

DispatchMessageW
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW

ole32

CoInitialize
CoTaskMemFree
CoUninitialize
CoCreateInstance

ws2_32

WSACreateEvent
WSASetLastError
WSAResetEvent
WSAWaitForMultipleEvents
WSAIoctl
connect
WSAStartup
WSAEventSelect
htons
setsockopt
WSACleanup
recv
socket
closesocket
gethostbyname
send
WSAEnumNetworkEvents
WSAGetLastError
WSACloseEvent
select
shutdown

winmm

timeGetTime

avrt

AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsW

Exports

Exports

Main
run

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9efdd3260ada1aa9c3f265ab9921f65

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

ws2_32

winmm

avrt

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 13KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 13KB

.reloc
Size: 7KB - Virtual size: 7KB