30ddcc4046fe9e76cc739a9333d10906732c5a02d343e69bec657253cbc89c67_NeikiAnalytics[.]exe

General

Target

30ddcc4046fe9e76cc739a9333d10906732c5a02d343e69bec657253cbc89c67_NeikiAnalytics.exe
Size

28KB
MD5

b9de2ad5b090ab05669c54cbf5790320
SHA1

f17e97a719784124e3ec45a7352f440ec192de6c
SHA256

30ddcc4046fe9e76cc739a9333d10906732c5a02d343e69bec657253cbc89c67
SHA512

b34c7658092067f4e66d64a54c9f1f2971fa9a5aba4342bf0a34599c2980609a618f3dbdc63ff888342edfbeca4de9f4408727966eeec8f044c0ad26047400d4
SSDEEP

384:5R5riI4Bs4I+73xeE6DWzQxHfWVG6OPt/8ZMz4HMRO+U9mMynRxgZeIIrDsg:ndiW4I43x2ycx+VGlt0mfMBmMynwgIS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30ddcc4046fe9e76cc739a9333d10906732c5a02d343e69bec657253cbc89c67_NeikiAnalytics.exe

Files

30ddcc4046fe9e76cc739a9333d10906732c5a02d343e69bec657253cbc89c67_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

3b68c996fcd43b1d3e237928d37af8ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

foundation

.objc_class_name_NSMutableData
NSLog
NSFileHandleNotificationDataItem
.objc_class_name_NSMutableArray
.objc_class_name_NSMutableString
.objc_class_name_NSConstantString
.objc_class_name_NSObject
.objc_class_name_NSString
.objc_class_name_NSNotificationCenter
NSClassFromString
.objc_class_name_NSDate
.objc_class_name_NSCharacterSet

nextpdo

objc_getClass
__objc_execClass
.objc_class_name_Protocol
objc_msgSendSuper
objc_msgSend

msvcrt

printf
free
_initterm
memset
sprintf
_adjust_fdiv
__dllonexit
_onexit
malloc
strcat
getenv
_fpreset
__argv
__argc

kernel32

Sleep
GetModuleHandleA
GlobalAlloc
GlobalFree
GetProcAddress
GetVersion
GetModuleFileNameA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dtor
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b68c996fcd43b1d3e237928d37af8ae

Headers

File Characteristics

Imports

foundation

nextpdo

msvcrt

kernel32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.dtor Size: 512B - Virtual size: 8B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.dtor
Size: 512B - Virtual size: 8B

.reloc
Size: 1KB - Virtual size: 1KB