3e207955f5f8dfb7790ebfc2128778841b1026017a2c896106f0d6123765684a_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3e207955f5f8dfb7790ebfc2128778841b1026017a2c896106f0d6123765684a_NeikiAnalytics.exe
Size

2.1MB
MD5

b20b60c4dd5d58f0f03f7ccb1a7c1050
SHA1

fd1c0c729f22dc600b8c77f0b82cb1bea3641aaa
SHA256

3e207955f5f8dfb7790ebfc2128778841b1026017a2c896106f0d6123765684a
SHA512

01f131e3e1297e88e11dede0de35577f288f52b23cd2c1699cdf7023903a9fc68ca5b02803487a70a9c5cea0124e9775f71376bdb41959ddbe67d6ee7bf47f6e
SSDEEP

49152:cHQepcfvGf0FCrDecLrFGu1l6pncxPBL:8QjvGf0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e207955f5f8dfb7790ebfc2128778841b1026017a2c896106f0d6123765684a_NeikiAnalytics.exe

Files

3e207955f5f8dfb7790ebfc2128778841b1026017a2c896106f0d6123765684a_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

d53194f75f262ddaf3edad0200a4bcc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\KinSeal_Sim\Release\Simulation.pdb

Imports

winmm

timeGetDevCaps
timeGetTime
timeSetEvent
timeBeginPeriod

kernel32

GetCurrentDirectoryA
OutputDebugStringA
GetThreadContext
SetProcessAffinityMask
SetPriorityClass
SetThreadContext
GetCurrentProcess
WaitForSingleObject
SetEvent
InitializeCriticalSection
TerminateThread
Sleep
CreateEventA
LeaveCriticalSection
Beep
ExitThread
SetThreadPriority
GetLastError
EnterCriticalSection
ResetEvent
SetConsoleCtrlHandler
WaitForMultipleObjects
GetCurrentThreadId
CloseHandle
SuspendThread
ResumeThread
CreateThread
LoadLibraryA
SetupComm
CreateFileA
ClearCommError
GetCommState
FormatMessageA
WriteFile
SetCommState
SetCommTimeouts
ReadFile
GetOverlappedResult
PurgeComm
LocalFree
CreateMutexA
ReleaseMutex
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
EncodePointer
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
GetLocalTime
GetProcAddress
DecodePointer
GetTickCount
GetCurrentProcessId
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
QueryPerformanceCounter

user32

TranslateMessage
GetDC
BeginPaint
CreateWindowExA
DefWindowProcA
ShowWindow
DispatchMessageA
GetSystemMetrics
UpdateWindow
LoadCursorA
MessageBoxA
KillTimer
EndPaint
GetMessageA
SetTimer
RegisterClassExA
PostQuitMessage

gdi32

GetStockObject
SetDIBitsToDevice

msvcr100

_cexit
_CIcos
_CIsin
memcpy
memset
floor
_CItan
_CIsqrt
_CIatan2
_controlfp_s
_invoke_watson
_except_handler4_common
_onexit
_lock
__dllonexit
rand
sprintf
memmove
strncmp
vsprintf
fflush
fopen
fread
fclose
free
malloc
_errno
calloc
setlocale
fseek
ceil
_wassert
printf
exit
_amsg_exit
__getmainargs
_unlock
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_CIpow

Exports

Exports

strdup

Sections

.text
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 326.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d53194f75f262ddaf3edad0200a4bcc2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

kernel32

user32

gdi32

msvcr100

Exports

Exports

Sections

.text Size: 468KB - Virtual size: 468KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 2KB - Virtual size: 326.9MB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 481KB - Virtual size: 481KB

.text
Size: 468KB - Virtual size: 468KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 2KB - Virtual size: 326.9MB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 481KB - Virtual size: 481KB