00d24c35b1db660b7f5cab3692cca4dbb9d7fdc02db0085fad8b8d9a8a1a8bfa_NeikiAnalytics[.]exe

General

Target

00d24c35b1db660b7f5cab3692cca4dbb9d7fdc02db0085fad8b8d9a8a1a8bfa_NeikiAnalytics.exe
Size

74KB
MD5

513f8459ace70aff2d2c0ec36dad0220
SHA1

f45b9085396ecec76c888e8e477f65eeb0fde6dc
SHA256

00d24c35b1db660b7f5cab3692cca4dbb9d7fdc02db0085fad8b8d9a8a1a8bfa
SHA512

507c9c25fe5ab677a07a20b983e0bae80ed1df6425350dba8c57ac310d0790ff38e7e864047e25c2bf24c572fd65c55859fd12bff95237575d17af060812edbc
SSDEEP

768:Y/xfGM3hvrV1pUZ6mHsqY9AWUFmAFksErguiHHaBCdDiYhGpS5JYGFnWTp1vyE:YpGQ9JGsVYmAmsEVO1DQ05JYqnA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00d24c35b1db660b7f5cab3692cca4dbb9d7fdc02db0085fad8b8d9a8a1a8bfa_NeikiAnalytics.exe

Files

00d24c35b1db660b7f5cab3692cca4dbb9d7fdc02db0085fad8b8d9a8a1a8bfa_NeikiAnalytics.exe
.dll windows:5 windows x64 arch:x64

5a644516372d00741fe58cf7fafdd044

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleExA
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
DecodePointer
EncodePointer
IsDebuggerPresent

user32

LoadStringA
LoadIconA
SendMessageA
FindWindowA

msvcr100

_amsg_exit
__C_specific_handler
__CppXcptFilter
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
free
_initterm_e
_initterm
_malloc_crt
memset
strstr
_encoded_null

Exports

Exports

LoadLogo
LoadName
SendNotify

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a644516372d00741fe58cf7fafdd044

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr100

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 264B

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 512B - Virtual size: 36B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 264B

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 512B - Virtual size: 36B