27f9fadb5f4c5d2bd09c8cbfceaf7dd8ba07a9dd3f32232f72ce37ee06cc9be3_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

27f9fadb5f4c5d2bd09c8cbfceaf7dd8ba07a9dd3f32232f72ce37ee06cc9be3_NeikiAnalytics.exe
Size

91KB
MD5

044e5df449dc2de5833c401d10a24850
SHA1

26914da8472d4881fe36c48a967433292365d261
SHA256

27f9fadb5f4c5d2bd09c8cbfceaf7dd8ba07a9dd3f32232f72ce37ee06cc9be3
SHA512

2258dd87d50fe698d7c9b7bda89490ef501859ef08c6125a17da1e151ebefba834547ed83c8f06b508b487299151408cb22f72235a857f9048b8cc1512b6f15a
SSDEEP

1536:88qtkQfSrZwQuNYpazfkx8C/4+7rHkSFvSZTLMEm+emFuoqyrmsMRCvy6Gf1/L:ctFqrlYa8CPT3HkqSRi+em92Evk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27f9fadb5f4c5d2bd09c8cbfceaf7dd8ba07a9dd3f32232f72ce37ee06cc9be3_NeikiAnalytics.exe

Files

27f9fadb5f4c5d2bd09c8cbfceaf7dd8ba07a9dd3f32232f72ce37ee06cc9be3_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

8f82250c9a1f0eeb786d53da5cb7f90b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python37

PyErr_SetNone
PyFloat_AsDouble
PyFloat_FromDouble
PyErr_SetString
PyLong_FromUnsignedLong
_PyArg_ParseTupleAndKeywords_SizeT
PyObject_Init
PyObject_IsInstance
PyMem_Free
PyExc_NotImplementedError
PyNumber_AsSsize_t
PyExc_IndexError
PySequence_Size
PyBaseObject_Type
PyObject_SetAttr
PyOS_snprintf
PyThreadState_Get
PySlice_AdjustIndices
PyExc_Exception
PyErr_SetObject
_Py_BuildValue_SizeT
_PyObject_CallFunction_SizeT
PyErr_WarnEx
PyFunction_Type
PyExc_DeprecationWarning
PyImport_ImportModule
PyErr_NormalizeException
PySequence_GetItem
PyLong_FromSsize_t
PyObject_GenericGetAttr
PyExc_RuntimeError
PyUnicode_AppendAndDel
PySlice_Unpack
PyLong_FromUnsignedLongLong
PyDict_Contains
PySys_GetObject
PyUnicode_AsLatin1String
PyBytes_FromString
PyMem_RawMalloc
PyGILState_Release
PyTuple_New
PyDict_Size
PyLong_FromLongLong
PyBuffer_FillInfo
PyUnicode_New
PyUnicode_FromWideChar
PyDictProxy_New
PyUnicode_AsASCIIString
PyDict_Next
PyDescr_NewMethod
PyBool_Type
PyTuple_Type
PySlice_Type
PyLong_Type
PyImport_GetModuleDict
PyModule_GetDict
PyCapsule_GetPointer
PyObject_CallFunctionObjArgs
PyLong_AsLong
PyUnicode_AsUTF8
PyObject_GetBuffer
PyList_New
PyModule_Create2
PyType_Ready
PyList_Append
PyWrapperDescr_Type
PyCapsule_New
PyDict_SetItem
PyDict_New
PyLong_FromVoidPtr
PyUnicode_AsWideChar
PyCapsule_Import
PyErr_NoMemory
PyDict_GetItemString
PyDict_GetItem
PyUnicode_DecodeLatin1
PyProperty_Type
PyBytes_FromStringAndSize
_Py_NotImplementedStruct
PyImport_Import
PyGILState_Ensure
PyUnicode_Compare
PyUnicode_Tailmatch
PyEval_GetFrame
PyObject_IsTrue
PyUnicode_AsUTF8String
PyTuple_Pack
_PyUnicode_Ready
PyCallable_Check
PyUnicode_DecodeASCII
PyExc_SystemError
PyMem_RawFree
PyType_Modified
PyObject_Print
PyErr_Print
PyUnicode_FromString
PyBuffer_Release
PyObject_Call
Py_AtExit
PyUnicode_CompareWithASCIIString
PyType_Type
PyUnicode_FromStringAndSize
PyThread_get_thread_ident
PyLong_AsSsize_t
PyLong_AsVoidPtr
PyCapsule_Type
PyObject_Malloc
PyExc_BufferError
PyExc_NameError
PyObject_CallObject
PyObject_GetAttrString
PyErr_Fetch
PyErr_Restore
PyMethod_Type
PyTuple_GetSlice
PyWeakref_GetObject
PyMethod_New
PyErr_GivenExceptionMatches
PyBool_FromLong
PyWeakref_NewRef
PyCFunction_Type
PyType_IsSubtype
_Py_TrueStruct
PyExc_TypeError
PyErr_Clear
PyErr_ExceptionMatches
PyLong_AsUnsignedLongMask
PyExc_OverflowError
_Py_FalseStruct
PyLong_AsUnsignedLongLongMask
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyErr_Occurred
PyLong_AsUnsignedLong
PyType_GenericAlloc
PyUnicode_FromFormat
PyExc_AttributeError
PyObject_GetAttr
PyObject_GC_UnTrack
PyCFunction_NewEx
_PyArg_ParseTuple_SizeT
PyErr_Format
PyExc_ValueError
PyDict_SetItemString
_Py_NoneStruct
PyFloat_Type
PyLong_FromLong

kernel32

GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memmove
strchr
__std_type_info_destroy_list
_except_handler4_common
memset

ucrtbase

__acrt_iob_func
__stdio_common_vfprintf
bsearch
_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

Exports

Exports

PyInit_sip

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f82250c9a1f0eeb786d53da5cb7f90b

Headers

DLL Characteristics

File Characteristics

Imports

python37

kernel32

vcruntime140

ucrtbase

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 5KB - Virtual size: 5KB