99fea98f7239e33ea3d55b635363e4dafb6beb58187c3b0c345c200343d84328_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

99fea98f7239e33ea3d55b635363e4dafb6beb58187c3b0c345c200343d84328_NeikiAnalytics.exe
Size

648KB
MD5

52e1e520f0c9caadbd3a6461b9e48a60
SHA1

394041ee4ab6dccfe2bd8df82952831fd76830e1
SHA256

99fea98f7239e33ea3d55b635363e4dafb6beb58187c3b0c345c200343d84328
SHA512

7e6f5e4beb3a2ce2fed35504fa6fc31ea12ac06c812dea490ad3fec09e256b946b2ff52685b324b171e1495d2404539f7ae4e49213c8af13636a942a5beca814
SSDEEP

6144:YEyh5qfkdV9eD5xMGBnRuBFZ8HuBFZ8nuBFZ8FgstLvhMH3idh1MsATAzi5Xz1eN:4GN8st1usATAzipoiZTm9xN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99fea98f7239e33ea3d55b635363e4dafb6beb58187c3b0c345c200343d84328_NeikiAnalytics.exe

Files

99fea98f7239e33ea3d55b635363e4dafb6beb58187c3b0c345c200343d84328_NeikiAnalytics.exe
.exe windows:4 windows x64 arch:x64

1ec9a6daf88dc8e7e61aed2d00d8886c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__getreent
__locale_mb_cur_max
__main
__wrap__ZdaPv
__wrap__ZdlPv
__wrap__Znam
__wrap__Znwm
_ctype_
_dll_crt0
_impure_ptr
abort
atexit
atoi
btowc
calloc
clock_gettime
close
connect
ctime
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
exit
fclose
fcntl
fdopen
fflush
fileno
fopen
fputc
fputs
fread
free
fseek
fstat
ftell
fwrite
getc
gethostbyname
getwc
inet_addr
iswctype
lseek
malloc
mbrtowc
memalign
memchr
memcmp
memcpy
memmove
memset
poll
posix_memalign
printf
pthread_attr_destroy
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setstacksize
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_signal
pthread_cond_wait
pthread_create
pthread_getspecific
pthread_key_create
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific
putc
putchar
puts
putwc
raise
read
realloc
recv
send
setlocale
setvbuf
socket
sprintf
sqrt
sscanf
strchr
strcmp
strcoll
strdup
strerror
strftime
strlen
strncpy
strstr
strtod
strtof
strxfrm
sysconf
time
towlower
towupper
ungetc
ungetwc
usleep
vsprintf
wcrtomb
wcscoll
wcsftime
wcslen
wcsxfrm
wctob
wctype
wmemchr
wmemcmp
wmemcpy
wmemmove
wmemset
write
writev

kernel32

GetModuleHandleA
GetProcAddress
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx

Sections

.text
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ec9a6daf88dc8e7e61aed2d00d8886c

Headers

DLL Characteristics

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 445KB - Virtual size: 445KB

.data Size: 85KB - Virtual size: 85KB

.rdata Size: 46KB - Virtual size: 46KB

.pdata Size: 26KB - Virtual size: 26KB

.xdata Size: 38KB - Virtual size: 38KB

.bss Size: - Virtual size: 136KB

.idata Size: 4KB - Virtual size: 4KB

.text
Size: 445KB - Virtual size: 445KB

.data
Size: 85KB - Virtual size: 85KB

.rdata
Size: 46KB - Virtual size: 46KB

.pdata
Size: 26KB - Virtual size: 26KB

.xdata
Size: 38KB - Virtual size: 38KB

.bss
Size: - Virtual size: 136KB

.idata
Size: 4KB - Virtual size: 4KB