10782931ad590f5bf7305543c84b195b8d4712a9ef7e07794acbb3b303239a3a_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

10782931ad590f5bf7305543c84b195b8d4712a9ef7e07794acbb3b303239a3a_NeikiAnalytics.exe
Size

51KB
MD5

2b18cd78c64bdb651b14ce41ddf67fc0
SHA1

1b11a6c3828129b4037323bc45a3afb2d0ab49e5
SHA256

10782931ad590f5bf7305543c84b195b8d4712a9ef7e07794acbb3b303239a3a
SHA512

6719a335c18784a5597fc4ea6c6e1ce58b59d8ad90f79e92b9503f62626a877bff8ac40041ebb07578a3dc6456e1109fd0546bc9a85652c78018fbfa2c12f924
SSDEEP

768:iwp9U4gGYMk0pJB6Xonl9nyG5v0F90DJ5rqn7tBVTI7kRlpbAT5HQSqWZW:iwLYMjpJB7nPnyi0F90DJ5mxXRlmT1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10782931ad590f5bf7305543c84b195b8d4712a9ef7e07794acbb3b303239a3a_NeikiAnalytics.exe

Files

10782931ad590f5bf7305543c84b195b8d4712a9ef7e07794acbb3b303239a3a_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

0b775d863340458bf845603e0dc25f61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hqlib71a

CPMeetsMinimumVersion
UPMeetsMinimumVersion

bcrypt

BCryptGenerateSymmetricKey
BCryptOpenAlgorithmProvider
BCryptGenerateKeyPair
BCryptEncrypt
BCryptDecrypt
BCryptExportKey
BCryptImportKeyPair
BCryptFinalizeKeyPair
BCryptDestroyKey
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptDestroyHash
BCryptGenRandom
BCryptCloseAlgorithmProvider

kernel32

GetPrivateProfileStringA
CreateDirectoryA
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

a4wapi

ord449
ord916
ord1203
ord4150
ord17
ord13
ord12
ord606
ord2402
ord2403
ord2405
ord2411
ord2406
ord2407
ord2243
ord2242
ord436
ord450
ord4000
ord118
ord2240
ord1951
ord803
ord841
ord870
ord806
ord807
ord843
ord808
ord809
ord811
ord821
ord820
ord822
ord823
ord824
ord825
ord826
ord827
ord828
ord829
ord830
ord834
ord835
ord840
ord972
ord847
ord848
ord884
ord795
ord796
ord861
ord831
ord832
ord833
ord601
ord602
ord603
ord605
ord614
ord615
ord620
ord621
ord610
ord611
ord612
ord503
ord516
ord202
ord204
ord321
ord320
ord323
ord324
ord328
ord330
ord342
ord332
ord344
ord345
ord348
ord353
ord1206
ord447
ord951
ord1105
ord1106
ord1107
ord1108
ord471
ord456
ord459
ord460
ord1421
ord1422
ord1423
ord1420
ord1424
ord1433
ord1434
ord1428
ord1429
ord1430
ord1431
ord1432
ord1435
ord1436
ord1437
ord1438

a4wrv

ord1000
ord1001
ord1002
ord1003
ord1005
ord143

vcruntime140

memcmp
memcpy
__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm_e
_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

a4wcompat

errlogDebug

Exports

Exports

identifyEntry
rotoEntry

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b775d863340458bf845603e0dc25f61

Headers

DLL Characteristics

File Characteristics

Imports

hqlib71a

bcrypt

kernel32

a4wapi

a4wrv

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

a4wcompat

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB