8a3c4c91ed95f715f48929e0b9ad0224c2965e6388194586673836b8eb59fdab_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8a3c4c91ed95f715f48929e0b9ad0224c2965e6388194586673836b8eb59fdab_NeikiAnalytics.exe
Size

1.1MB
MD5

977308a3297eaf89796b609d9915e4c0
SHA1

a41e8cac4c84c3774e02e2a02ec60b132313bb09
SHA256

8a3c4c91ed95f715f48929e0b9ad0224c2965e6388194586673836b8eb59fdab
SHA512

4eface4e50fb1fc8e30eff5bab4eb516a1a74bb8fc23c4d906e3d3bb677580d428cf48afc1873f6a2483d97e34e35d3bb1b2c77029a0e05ce85c9eaf1bd9f93d
SSDEEP

24576:qRkrVNovw1sjGAapMU6BJk1XCzFfFeblWxdvdjVxTjVW1BHl:qKrVNyLE6s1X4FfSYzvdl4BHl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a3c4c91ed95f715f48929e0b9ad0224c2965e6388194586673836b8eb59fdab_NeikiAnalytics.exe

Files

8a3c4c91ed95f715f48929e0b9ad0224c2965e6388194586673836b8eb59fdab_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

68774b76c71358613da7a94d3f38b1c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\DistributedAutoLink\Temp\CompileOutputDir\7zSfx.pdb

Imports

user32

CharUpperW
CharUpperA
GetSystemMenu
GetMenuItemCount
GetMenuItemID
EnableMenuItem
EnableWindow
ShowWindow
SendMessageA
LoadStringA
GetDlgItem
MessageBoxA
PostMessageA
CharNextA

oleaut32

SysFreeString
VariantClear
SysAllocString

kernel32

GetSystemTimeAsFileTime
VirtualProtect
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetFileAttributesA
CloseHandle
WriteFile
ReadFile
SetFilePointer
GetFileSize
CreateFileA
GetLastError
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
lstrcatA
lstrlenA
GetStartupInfoA
InterlockedExchange
DeleteFileA
lstrcpyA
GetACP
GetLocaleInfoA
GetVersionExA
CreateDirectoryA
lstrcpynA
RemoveDirectoryA
FindClose
FindNextFileA
SetFileAttributesA
FindFirstFileA
Sleep
GetTempPathA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetTickCount
ReleaseMutex
CreateThread
GetCommandLineA
CreateMutexA
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
VirtualAlloc
VirtualFree
DeleteCriticalSection
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
SetFileTime
CreateFileW
SetLastError
SetFileAttributesW
CreateDirectoryW
DeleteFileW
GetCurrentProcessId
GetCurrentThreadId
FindFirstFileW
SetEndOfFile
GetSystemInfo
RtlUnwind
RaiseException
HeapFree
HeapReAlloc
HeapAlloc
ExitThread
GetOEMCP
GetCPInfo
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
IsBadWritePtr
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
VirtualQuery

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68774b76c71358613da7a94d3f38b1c5

Headers

File Characteristics

PDB Paths

Imports

user32

oleaut32

kernel32

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 1.0MB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 1.0MB

.rsrc
Size: 32KB - Virtual size: 29KB