8f9a2ae89c19fea0d59f6b91e4ecd7c8a9c2fcb40c9ef444d7c8a2103de31c09_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8f9a2ae89c19fea0d59f6b91e4ecd7c8a9c2fcb40c9ef444d7c8a2103de31c09_NeikiAnalytics.exe
Size

108KB
MD5

9a9ee26bda084e3943d4b866a4b70de0
SHA1

8744d1def3210610510b4132b855a631d2b7055b
SHA256

8f9a2ae89c19fea0d59f6b91e4ecd7c8a9c2fcb40c9ef444d7c8a2103de31c09
SHA512

4b5ae173a5133b881c114457d03dff32d08aa010772f5e4ca6ebca52e6878ef3c1b7c1818b50f1612dcc2288c59f9bcd6e6bee180be0feaaa4d997666f5c5146
SSDEEP

1536:+TogFk56ihEMMKBThSJTzvwISeu4JvVWs4E+x9Lr+2OcPOfIWhJe3Kbc:svjihE5KSJTu34VV4E++J6KA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f9a2ae89c19fea0d59f6b91e4ecd7c8a9c2fcb40c9ef444d7c8a2103de31c09_NeikiAnalytics.exe

Files

8f9a2ae89c19fea0d59f6b91e4ecd7c8a9c2fcb40c9ef444d7c8a2103de31c09_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

d0d112b831829c2c005d3a1b3e723c9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
HeapFree
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
HeapAlloc
DebugBreak
lstrlenA
lstrcpynA
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
CompareStringA
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
GetLastError
SetLastError
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
RaiseException
GetFileType
SetStdHandle
GetVersion
GetCommandLineA
LCMapStringA
GetOEMCP
GetACP
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
RtlUnwind
SetUnhandledExceptionFilter
FlushFileBuffers
InterlockedIncrement
ResumeThread
CreateThread
CloseHandle
DuplicateHandle
SetEvent
WaitForSingleObject
TerminateThread
ExitThread
OutputDebugStringA
GetStdHandle
SetFilePointer
WriteFile

user32

ShowWindow
RemoveMenu
PtInRect
CreatePopupMenu
GetMenuItemCount
DestroyMenu
MessageBeep
IsWindowVisible
SetFocus
PostQuitMessage
LoadStringA
GetClientRect
MapWindowPoints
TrackPopupMenuEx
IsWindow
DestroyWindow
SetMenu
SetWindowPos
InvalidateRect
GetWindowRect
GetSystemMetrics
GetMenu
EnableMenuItem

ws2_32

send
closesocket
inet_addr

winmm

timeGetTime

Exports

Exports

ProcessMessage

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0d112b831829c2c005d3a1b3e723c9e

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

winmm

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 11KB