8cc58b2e1624bf540850f2b00665b1abcbf853eed02b3367086a29534dd9ed9f_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8cc58b2e1624bf540850f2b00665b1abcbf853eed02b3367086a29534dd9ed9f_NeikiAnalytics.exe
Size

25KB
MD5

e3c3c303defaffa4da7631dd2d444ac0
SHA1

4a1027937dc00f8f4bd94c9debb04952a370913d
SHA256

8cc58b2e1624bf540850f2b00665b1abcbf853eed02b3367086a29534dd9ed9f
SHA512

e05fb1271537be062682c6b3cdd831cca792b23eb3eacb7f695b78e25b230a2634b6adac57ac864ca3accb13bb83a0db9e96acecda260bfe2ccb6949b3075885
SSDEEP

768:ATba0g47XVi5ewEv7TAlRLc67MDZY5JtTBthYiOybIH:QXM5uvkFc67MlMTBdOmm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cc58b2e1624bf540850f2b00665b1abcbf853eed02b3367086a29534dd9ed9f_NeikiAnalytics.exe

Files

8cc58b2e1624bf540850f2b00665b1abcbf853eed02b3367086a29534dd9ed9f_NeikiAnalytics.exe
.exe windows:5 windows x64 arch:x64

b9c5be8dc5b328e96988e964e74f2e0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\Project\Converters\Console\x64\Release A2M Sync\_Console_.pdb

Imports

mfc100u

ord7609
ord268
ord285
ord12756
ord2541
ord5019
ord2049
ord7068
ord296
ord7315
ord1428
ord4131
ord280
ord3998
ord286
ord7608
ord890
ord6895
ord1270
ord7321
ord7246
ord11463
ord13475
ord4570
ord2117
ord11157
ord11158
ord13002
ord6836
ord13008
ord8221
ord3543
ord3484
ord11542
ord1288
ord1716
ord13782
ord10658
ord12889
ord11150
ord6898
ord13191
ord13188
ord13193
ord13190
ord13192
ord13189
ord3295
ord5049
ord10910
ord10918
ord3942
ord7094
ord9189
ord10922
ord10891
ord11523
ord4473
ord4737
ord4907
ord8174
ord4715
ord4910
ord4476
ord4612
ord4457
ord6669
ord6670
ord6660
ord4610
ord7096
ord6853
ord5052
ord9019
ord8037
ord5894
ord878
ord6609
ord1278

msvcr100

_wtoi
__CxxFrameHandler3
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
_amsg_exit
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
_beginthreadex
_CxxThrowException
memset
wprintf

kernel32

GetModuleHandleW
GetConsoleScreenBufferInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
Sleep
DecodePointer
EncodePointer
CreateProcessW
FormatMessageW
CreateFileW
SetNamedPipeHandleState
WriteFile
TerminateProcess
GetExitCodeProcess
CreateNamedPipeW
CreateEventW
ConnectNamedPipe
GetLastError
CloseHandle
SetEvent
WaitForSingleObject
ReadFile
GetConsoleWindow
SetConsoleCursorPosition
WriteConsoleW
GetStdHandle
GetCommandLineW
SetConsoleCtrlHandler
GetProcAddress

user32

ShowWindow

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

StringFromGUID2
CoCreateGuid

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9c5be8dc5b328e96988e964e74f2e0d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc100u

msvcr100

kernel32

user32

advapi32

ole32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 672B

.rsrc Size: 1024B - Virtual size: 992B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 672B

.rsrc
Size: 1024B - Virtual size: 992B