38d9dafed4e29731249edac54b7cef53b0c3038a1f08851f26d546a110775389_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

38d9dafed4e29731249edac54b7cef53b0c3038a1f08851f26d546a110775389_NeikiAnalytics.exe
Size

71KB
MD5

f1de05fd248ec7826b34c44fdc1332b0
SHA1

c547a22c7f4084e27bf04d236919dd1159832b7e
SHA256

38d9dafed4e29731249edac54b7cef53b0c3038a1f08851f26d546a110775389
SHA512

863fefa0175bdc7635d20dcb27af38c9c5baf8f354b4f8354da9d0559634246f0195851f37fb7d32e4e14d8e70302605a13c1af89a107a2f3aa124e6032cdf94
SSDEEP

768:g7Nr2AA9vW7Z+GRxlef4enCwjeXdxpsuE8YpB2YEOuTHgnk7:8ANW7X8vlKXdxpDE8YpQYEOvk7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d9dafed4e29731249edac54b7cef53b0c3038a1f08851f26d546a110775389_NeikiAnalytics.exe

Files

38d9dafed4e29731249edac54b7cef53b0c3038a1f08851f26d546a110775389_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

af3d6dc1111a5f43c9e1532522508ae9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\userPD\Desktop\이걸로성공한다\스타트 - 복사본\Debug\20160729_winApi.pdb

Imports

kernel32

FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
GetProcAddress
GetLastError
RaiseException
IsDebuggerPresent
DecodePointer
EncodePointer
GetModuleHandleW
IsProcessorFeaturePresent
GetTickCount
Sleep

user32

LoadIconA
LoadCursorA
AdjustWindowRect
SetWindowPos
ShowWindow
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
GetMessageA
GetAsyncKeyState
GetKeyState
InvalidateRect
EndPaint
BeginPaint
KillTimer
SetTimer
PostQuitMessage
DefWindowProcA
PostMessageA
PtInRect

gdi32

Rectangle
GetStockObject
TextOutA

msvcp120d

?_Debug_message@std@@YAXPB_W0I@Z
?_Xout_of_range@std@@YAXPBD@Z
??0_Container_base12@std@@QAE@XZ
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
??0id@locale@std@@QAE@I@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr120d

??2@YAPAXI@Z
??3@YAXPAX@Z
srand
__CxxFrameHandler3
_purecall
memcpy
strlen
memmove
_hypot
_CxxThrowException
_CRT_RTC_INITW
??1type_info@@UAE@XZ
_lock
_unlock
_CrtDbgReportW
_wsplitpath_s
__dllonexit
_onexit
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
_CrtSetCheckCount
exit
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
wcscpy_s
_wmakepath_s
_calloc_dbg
vsprintf_s
rand

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af3d6dc1111a5f43c9e1532522508ae9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msvcp120d

msvcr120d

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB