50cb36709c3bcfa8cabeeb06e8bcc6a156a54a79650a34239fac447f6cb8e2f2_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

50cb36709c3bcfa8cabeeb06e8bcc6a156a54a79650a34239fac447f6cb8e2f2_NeikiAnalytics.exe
Size

65KB
MD5

9f8bdc9708f2c96205d9b02f4abdb370
SHA1

264115a7509eea2f1d5c1e7220eb5209c2354b05
SHA256

50cb36709c3bcfa8cabeeb06e8bcc6a156a54a79650a34239fac447f6cb8e2f2
SHA512

17715c9162a161dcf2fdb2a44ad54951fc625d243bbda9c664e97d558acde25776914d0233b3927ecd3967595c22e1e4f48acb6499fff5f202c6db1890e77965
SSDEEP

768:xqUHit1rrjyG4Iwk6rK7oEM36l65SgBV3v+1DS1gs+WlO5cs7fry1cAT6khwgUf:UnDoK7k/Sg7v0D3Wps7frlzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50cb36709c3bcfa8cabeeb06e8bcc6a156a54a79650a34239fac447f6cb8e2f2_NeikiAnalytics.exe

Files

50cb36709c3bcfa8cabeeb06e8bcc6a156a54a79650a34239fac447f6cb8e2f2_NeikiAnalytics.exe
.dll regsvr32 windows:6 windows x64 arch:x64

d9ecc1ca0a7ad3b4bfed84721a984f36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

H:\source\source.IC\209637\Release_wdaidex_6\WX\Desktop_x86_64_VS2019\Release\wdaidex64.pdb

Imports

mfc140u

ord12532
ord9964
ord10091
ord8605
ord1858
ord12354
ord2545
ord3805
ord6141
ord6528
ord5749
ord5577
ord12210
ord9052
ord4461
ord5684
ord14191
ord2172
ord4462
ord4459
ord7207
ord10930
ord3996
ord12746
ord2473
ord1086
ord438
ord12762
ord6549
ord886
ord4722
ord8501
ord12967
ord7709
ord6320
ord4656
ord2270
ord6247
ord1340
ord820
ord2294
ord2279
ord2224
ord7190
ord7188
ord7347
ord7075
ord1360
ord850
ord8167
ord8084
ord12544
ord8023
ord5183
ord2439
ord12222
ord12223
ord14210
ord7650
ord14216
ord9089
ord4011
ord3949
ord12625
ord7668
ord2011
ord11664
ord11665
ord14088
ord12212
ord7719
ord14288
ord6121
ord14290
ord6123
ord14289
ord6122
ord3731
ord5706
ord11921
ord9989
ord7920
ord10124
ord11933
ord11901
ord12606
ord5080
ord5363
ord5552
ord9041
ord5339
ord5555
ord5083
ord5229
ord5062
ord5915
ord7460
ord7461
ord7450
ord5227
ord7922
ord9941
ord8900
ord6513
ord2297
ord14156
ord2285
ord1039
ord323
ord4444
ord7715
ord1450
ord983
ord3282
ord9959
ord9958
ord11342
ord9730
ord8703
ord8678
ord8666
ord10254
ord10256
ord10253
ord8843
ord9823
ord11115
ord8875
ord11026
ord3865
ord5918
ord9430
ord5026
ord6002
ord13401
ord3212
ord3209
ord7913
ord2698
ord14360
ord9976
ord9978
ord9977
ord3756
ord2475
ord2187
ord1033
ord296
ord8161
ord1489
ord2212
ord1491
ord9975
ord9979
ord5451
ord11414
ord11415
ord8830
ord11771
ord3716
ord11625
ord14204
ord8656
ord11902
ord6729
ord10691
ord8947
ord3173
ord13513
ord11944
ord11940
ord1700
ord1722
ord1748
ord1734
ord1755
ord4776
ord4843
ord4788
ord4806
ord4800
ord10711
ord10888
ord13288
ord3213
ord4794
ord2785
ord11705
ord5024
ord4853
ord4837
ord4782
ord4859
ord7538
ord11597
ord10146
ord4814
ord10148
ord4870
ord5108
ord12441
ord4752
ord4767
ord8010
ord10042
ord10041
ord10416
ord4828
ord9992
ord10855
ord9687
ord9188
ord4360
ord9745
ord11051
ord10900
ord10905
ord10910
ord10036
ord10863
ord10862
ord10051
ord10050
ord9384
ord4352
ord2967
ord10049
ord9988
ord14211
ord7651
ord10094
ord11211
ord14217
ord6631
ord11406
ord13354
ord5723
ord10017
ord2629
ord11806
ord3812
ord3279
ord3278
ord3172
ord11850
ord5081
ord5364
ord5553
ord9042
ord5084
ord5228
ord7923
ord9943
ord9972
ord12827
ord11058
ord8657
ord10443
ord4013
ord7616
ord11929
ord4721
ord3728
ord1492
ord324
ord1040
ord2327
ord2369
ord2372
ord2338
ord2371
ord473
ord2234
ord2336
ord2161
ord2266
ord2360
ord14193
ord2171

kernel32

DeleteCriticalSection
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LocalAlloc
InitializeCriticalSectionEx
TerminateProcess
GetFullPathNameW
GetFileAttributesW
SetLastError
SetErrorMode
GetLastError
LocalFree
FormatMessageW
GetProcAddress
FreeLibrary
GetCurrentThreadId

user32

GetDC
ReleaseDC
FillRect
GetKeyState
EnableWindow
LoadBitmapW
LoadStringW

gdi32

BitBlt
Rectangle
GetStockObject
CreateCompatibleDC

oleaut32

LoadRegTypeLi

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_terminate
memcpy
memset
__std_type_info_destroy_list
__C_specific_handler
memmove

api-ms-win-crt-string-l1-1-0

wcslen
wcscpy
strlen
wcsncpy
wcsncmp

api-ms-win-crt-heap-l1-1-0

free
malloc
realloc

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-utility-l1-1-0

labs

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_cexit
_register_onexit_function
_initterm
_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_execute_onexit_table

Exports

Exports

CommandeComposante
DeclareProxy
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Execution
bInitWLConvFromVM

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9ecc1ca0a7ad3b4bfed84721a984f36

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc140u

kernel32

user32

gdi32

oleaut32

vcruntime140_1

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 1KB - Virtual size: 5KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 1024B - Virtual size: 988B

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 1KB - Virtual size: 5KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 1024B - Virtual size: 988B