94b417b4355864eb0ccea3ba0dacaf5159bae20b9502593890915771f537a8c5_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

94b417b4355864eb0ccea3ba0dacaf5159bae20b9502593890915771f537a8c5_NeikiAnalytics.exe
Size

100KB
MD5

dc65568a31e9c709a7e6eee6a8d5ac50
SHA1

ccaa1306b7a40920591bbcd1016bb9aabddb39d3
SHA256

94b417b4355864eb0ccea3ba0dacaf5159bae20b9502593890915771f537a8c5
SHA512

b4f04d7b6d2a1df21a0e2bae39870b5eb8278ae737aa5326cb655ecf95f3433d995b25d1bf32b0762c78717dc38c3244ada72d5c39d71c228ca2a47b6c8f5488
SSDEEP

3072:+eql1D7Y6Coc7u4yeIFp9rab3ym/FqLoQHIv1f+z:AgCUbi0qLoQb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94b417b4355864eb0ccea3ba0dacaf5159bae20b9502593890915771f537a8c5_NeikiAnalytics.exe

Files

94b417b4355864eb0ccea3ba0dacaf5159bae20b9502593890915771f537a8c5_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

59c04004b79095af005d97c28163da16

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\adang\Desktop\MiscProgramming\PythonWin7\Python-3.10.5\PCbuild\win32\_elementtree.pdb

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent

python310

PyUnicode_Join
_Py_Dealloc
_PyTrash_cond
PyObject_Free
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObject
_PyArg_ParseTuple_SizeT
PyObject_GC_Del
PyObject_CallFunctionObjArgs
_PyBytes_Resize
PyObject_ClearWeakRefs
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
PySequence_Fast
PyList_New
PyModule_Create2
_PyObject_GetAttrId
PyType_Ready
PyExc_SyntaxError
PyObject_GetAttrString
PyErr_NewException
PyErr_Clear
PyList_Append
PyBytes_Type
PyObject_RichCompareBool
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_VectorcallMethod
PyDict_GetItemWithError
PyExc_StopIteration
PyType_GenericAlloc
PyCapsule_Import
PyList_Type
PyErr_NoMemory
PyObject_Realloc
PyIndex_Check
PyType_IsSubtype
PyBytes_FromStringAndSize
Py_ReprLeave
PyDict_DelItem
PyNumber_AsSsize_t
_PyObject_MakeTpCall
Py_ReprEnter
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyDict_Copy
PyTuple_Pack
_PyUnicode_Ready
PyCallable_Check
PyMem_Malloc
PyExc_IndexError
PyExc_ImportError
PyState_FindModule
PyModule_GetState
_PyTrash_begin
_PyObject_GC_New
PyList_SetItem
PyDict_Keys
PyUnicode_FromString
PyBuffer_Release
PyObject_CallNoArgs
PyUnicode_FromStringAndSize
PyUnicode_AsEncodedString
PyErr_SetNone
PyObject_GC_UnTrack
PySlice_Unpack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyModule_AddType
PyDict_Type
PyList_SetSlice
PyUnicode_AsUTF8AndSize
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyDict_Next
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyExc_ValueError
_PyArg_UnpackKeywords
_PyTrash_end
PyNumber_Add
_PyObject_LookupAttrId
PyErr_SetString
_Py_CheckFunctionResult
_PyArg_BadArgument
PyUnicode_New
_PyObject_CallMethodIdObjArgs
PyExc_AttributeError
PyDict_Items
_Py_HashSecret
PyTuple_New
PyErr_Occurred
PyDict_Update
PyObject_GC_Track
_Py_NoneStruct
PyObject_SelfIter
PyImport_ImportModule
PySlice_Type
_PyArg_CheckPositional
PyLong_AsSsize_t
PyExc_RuntimeWarning
PyErr_WarnEx
PyObject_Malloc
_PyObject_SetAttrId
_PyObject_CallFunction_SizeT
_PyNumber_Index
_Py_BuildValue_SizeT
PyErr_SetObject
PySlice_AdjustIndices
PyThreadState_Get
PyMem_Free

vcruntime140

memmove
memcpy
memset
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strncat

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initterm
_cexit
_execute_onexit_table
_initialize_onexit_table
_seh_filter_dll
_configure_narrow_argv
_initterm_e

Exports

Exports

PyInit__elementtree

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59c04004b79095af005d97c28163da16

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

python310

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 6KB - Virtual size: 5KB