e:\Projects\PortQuery\Debug\PortQry.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 4b0cdb5909888f152076f5c23b2aef4298f16b237df4ce17f798f62b223836b4_NeikiAnalytics.exe
Resource: win7-20240611-en
General
Target: 4b0cdb5909888f152076f5c23b2aef4298f16b237df4ce17f798f62b223836b4_NeikiAnalytics.exe
Size: 372KB
MD5: 76181d6d1916653145ea38c913e6f3e0
SHA1: 7900e46172aac30220d063e283fa7aa702fd94d1
SHA256: 4b0cdb5909888f152076f5c23b2aef4298f16b237df4ce17f798f62b223836b4
SHA512: 15c39158d82b2b058282743833b82e1519fc414c76a1492144d52a632dfa62222de08d76188313815ecbccd8f00323cb47e6130a90c829070e4e06bc266ce3f8
SSDEEP: 6144:Uv5GT27QZjhV2inQNjTpDFHTqjwR2ITv7j11HE4XLamWlBV+UdvrEFp7hKK:DS7QbPEjTpxTqj3sv7j11HE4qlBjvrE1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4b0cdb5909888f152076f5c23b2aef4298f16b237df4ce17f798f62b223836b4_NeikiAnalytics.exe
Files
4b0cdb5909888f152076f5c23b2aef4298f16b237df4ce17f798f62b223836b4_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
eaf3ccac8f9ce1c008fae9f3689f32a8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
closesocket
WSAGetLastError
WSAStartup
gethostbyname
inet_addr
gethostbyaddr
socket
bind
connect
WSACleanup
setsockopt
recv
send
inet_ntoa
ntohs
htons
getservbyport
wldap32
ord27
ord26
ord46
ord32
ord34
ord33
ord37
ord38
ord200
ord17
ord143
ord88
ord60
ord50
ord41
rpcrt4
RpcMgmtEpEltInqDone
UuidToStringA
RpcBindingFree
RpcStringFreeA
RpcBindingToStringBindingA
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcMgmtEpEltInqBegin
RpcMgmtEpEltInqNextA
netapi32
Netbios
iphlpapi
GetUdpTable
GetTcpTable
psapi
EnumProcessModules
GetModuleFileNameExA
EnumProcesses
kernel32
SetEndOfFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsBadCodePtr
SetUnhandledExceptionFilter
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
SetConsoleCtrlHandler
InterlockedExchange
SetFilePointer
GetCPInfo
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
HeapReAlloc
GetTimeZoneInformation
FreeLibrary
ReadFile
GetModuleFileNameA
InterlockedIncrement
OutputDebugStringA
InterlockedDecrement
WriteFile
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
WriteConsoleA
CreateFileA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
Sleep
HeapFree
IsBadReadPtr
GetProcessHeap
GetModuleHandleA
GetProcAddress
LoadLibraryA
LocalAlloc
LocalFree
GetComputerNameA
GetLastError
CloseHandle
OpenProcess
GetCommandLineA
HeapValidate
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapAlloc
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
TerminateProcess
GetCurrentProcess
ExitProcess
DebugBreak
RaiseException
GetVersionExA
GetSystemTimeAsFileTime
RtlUnwind
IsBadWritePtr
user32
GetAsyncKeyState
advapi32
OpenSCManagerA
EnumServicesStatusExA
CloseServiceHandle
Sections
.textbss Size: - Virtual size: 111KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 236KB - Virtual size: 235KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE