4a0cc72c468d03de40cdc9c967bd89bbbb58c374e726d043e44b766d1eb74317_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4a0cc72c468d03de40cdc9c967bd89bbbb58c374e726d043e44b766d1eb74317_NeikiAnalytics.exe
Size

282KB
MD5

6e9405fb83fe196b9e6f744665a9fee0
SHA1

c327f2623c16a2fe382b38d5eade55d31f8b61f9
SHA256

4a0cc72c468d03de40cdc9c967bd89bbbb58c374e726d043e44b766d1eb74317
SHA512

5eed0d2145eb602607f9a66d38cadeff5bb8b067b627dd032e54dc6515784477d0513bd2045957aeb40a0cf433fb55d285a34a179eef5fa902a55024e7ca1ce1
SSDEEP

6144:2DDBFHv1dExKUi5NRsyQnadXmec8FG2bZOajK2Jnww/5rYb5:2/PD5NRsyQnaw9ERbNjVJal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a0cc72c468d03de40cdc9c967bd89bbbb58c374e726d043e44b766d1eb74317_NeikiAnalytics.exe

Files

4a0cc72c468d03de40cdc9c967bd89bbbb58c374e726d043e44b766d1eb74317_NeikiAnalytics.exe
.dll windows:4 windows x64 arch:x64

495fa96a82db5ac2466921c0bbdc27a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\mhc\jmde\Release64\plugins\fx\reastream.pdb

Imports

wsock32

ntohs
htonl
recvfrom
sendto
WSAStartup
setsockopt
htons
inet_ntoa
bind
socket
__WSAFDIsSet
select
closesocket
shutdown
getsockname
ioctlsocket

kernel32

WriteConsoleA
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
MultiByteToWideChar
CloseHandle
WaitForSingleObject
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryA
DeleteCriticalSection
GetPrivateProfileStringA
GetConsoleOutputCP
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
RtlVirtualUnwind
GetStdHandle
WriteFile
RtlPcToFileHeader
RaiseException
HeapDestroy
HeapCreate
HeapSetInformation
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
WriteConsoleW
CreateFileA
WritePrivateProfileStringA
ExitThread
FormatMessageA
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentThreadId
GetLastError
CreateThread
HeapFree
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
HeapReAlloc
TlsSetValue
GetCommandLineA
GetVersionExA
GetProcessHeap
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsFree
SetLastError
ExitProcess
Sleep
TerminateProcess

user32

GetClassNameA
BeginPaint
GetWindow
IsWindowVisible
GetWindowRect
ScreenToClient
GetWindowLongA
GetSysColor
EndPaint
SendDlgItemMessageA
SendMessageA
KillTimer
GetDlgItemTextA
IsDlgButtonChecked
SetTimer
SetDlgItemTextA
SetWindowLongA
ShowWindow
CheckDlgButton
SetDlgItemInt
SetWindowLongPtrA
GetWindowLongPtrA
DialogBoxParamA
CreateDialogParamA
DestroyWindow
GetClientRect
GetDlgItem
EnableWindow

gdi32

RectInRegion
CombineRgn
DeleteObject
CreateSolidBrush
FillRgn
CreateRectRgnIndirect

Exports

Exports

VSTPluginMain

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

495fa96a82db5ac2466921c0bbdc27a8

Headers

File Characteristics

PDB Paths

Imports

wsock32

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 10KB - Virtual size: 229KB

.pdata Size: 6KB - Virtual size: 5KB

.data1 Size: 2KB - Virtual size: 1KB

.trace Size: 8KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 908B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 10KB - Virtual size: 229KB

.pdata
Size: 6KB - Virtual size: 5KB

.data1
Size: 2KB - Virtual size: 1KB

.trace
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 908B

.reloc
Size: 6KB - Virtual size: 5KB