4311abb045bf4e37f808471f2342f840_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

4311abb045bf4e37f808471f2342f840_NeikiAnalytics
Size

125KB
MD5

4311abb045bf4e37f808471f2342f840
SHA1

8113620ed56e51607a63b014fba4489bf869b8d9
SHA256

8de3748988040deca3b060f68bea10b2a4a516e868dc19fd799a38ef757dc07b
SHA512

4e1e39c60cd2138d55470a73f76d1d6ab9667656964bbad2919cebfb64fe9e7219a583fe7bbb38098f54c10b504af349b9c2463e478fe3c27104999593b7f8b8
SSDEEP

3072:7AP0BvsJGjwVd7nBSGDoV6CLup9gIdRWn:cP0BvFYd7/DovSDxkn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4311abb045bf4e37f808471f2342f840_NeikiAnalytics

Files

4311abb045bf4e37f808471f2342f840_NeikiAnalytics
.exe windows:1 windows x86 arch:x86

25cd2fd8d4fa53936ee8a132cc730074

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
InvalidateRect
InSendMessage
ReplyMessage
SetForegroundWindow
LoadBitmapA
GetDC
SendMessageA
ReleaseDC
ExitWindowsEx
LoadStringA
CharNextA
CharUpperBuffA
wsprintfA
GetSystemMetrics
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
OemToCharA

gdi32

DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
SetBkColor

mscomstf

FOpenInf
DoMsgBox
CbGetSymbolValue
UsGetListLength
CbGetListItem
FAddListItem
FRemoveSymbol
FSetSilent
FMakeListInfSectionField
FAddSectionFilesToCopyList
FOpenLogFile
FCloseLogFile
FWriteToLogFile
EercErrorHandler
FValidPath
FValidDir

msuilstf

FKillNDialogs
FDoDialogExt

msshlstf

FSetBitmap
FSetAbout
InitializeFrame
FSetSymbolValue
HShowWaitCursor
HwndFrame
HinstFrame
TerminateFrame
FRestoreCursor

msdetstf

FDoesFileExist
FGetLocalHardDrivesList
LcbFreeDrive
FDirExists

msinsstf

FIsDirWritable
FIsFileWritable
TerminateInstall
FAddToBillboardList
GrcCopyFilesInCopyList
ProSetPos
LcbGetCopyListCost
ResetCopyList
FCreateDir
FInitializeInstall

db2imsg

DB2IGetMsg

msvcrt20

_ltoa
strtok
fwrite
rewind
fread
getenv
time
_exit
_XcptFilter
__p__acmdln
_initterm
__getmainargs
_adjust_fdiv
__p__commode
__p__fmode
_except_handler3
_controlfp
memset
_strdate
remove
rename
fopen
fgets
fclose
toupper
strchr
strpbrk
strstr
strlen
strcpy
strcat
exit
strcmp
sprintf
_itoa
atoi
malloc
free
printf
_ftol
atof
fprintf
fseek
memcpy
memcmp
strspn
fputs
atol
_strlwr
_strupr
_getcwd

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegRestoreKeyA
RegCreateKeyExA
RegSaveKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetUserNameA
RegQueryInfoKeyA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
RegSetValueExA
RegCreateKeyA
CloseServiceHandle
CreateServiceA
OpenSCManagerA

kernel32

GetFileAttributesA
GetModuleHandleA
DeleteFileA
GetCurrentProcess
GetLastError
CopyFileA
FormatMessageA
CloseHandle
CreateFileA
lstrcmpA
SetEnvironmentVariableA
GetEnvironmentVariableA
CreateDirectoryA
GetDriveTypeA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
SetCurrentDirectoryA
GetCurrentDirectoryA
Sleep
GetShortPathNameA
GetVersionExA
SleepEx
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
lstrcatA
lstrcpyA
SetErrorMode
lstrlenA
FreeLibrary

version

VerInstallFileA
VerFindFileA

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25cd2fd8d4fa53936ee8a132cc730074

Headers

File Characteristics

Imports

user32

gdi32

mscomstf

msuilstf

msshlstf

msdetstf

msinsstf

db2imsg

msvcrt20

advapi32

kernel32

version

Sections

.text Size: 77KB - Virtual size: 76KB

.bss Size: - Virtual size: 5KB

.rdata Size: 1024B - Virtual size: 888B

.data Size: 29KB - Virtual size: 29KB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 77KB - Virtual size: 76KB

.bss
Size: - Virtual size: 5KB

.rdata
Size: 1024B - Virtual size: 888B

.data
Size: 29KB - Virtual size: 29KB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 11KB - Virtual size: 11KB