78efadde1313a790a832efc377c00ab0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

78efadde1313a790a832efc377c00ab0_NeikiAnalytics
Size

464KB
MD5

78efadde1313a790a832efc377c00ab0
SHA1

c8d14d8e1bbd7b504abdc96d19c6a43e939517b6
SHA256

2964ae58f490b81e8d0ff50a9cc161ccfaa9d36515a5ea34a8489ccde2618113
SHA512

e6eba4b29fc77460522a5fb658f25c96952d975361474cf1e80c021fbe95bc5d82f7789767cb7c3fc06e9d05a7108b2874aa75ce1a08a01793593feb3d5c5b1c
SSDEEP

3072:JdiWi7CadjbnLAbaZUPsbwEgyAn9TMJ59XZ2F52f2BBHw7hDxBE:iWaTcAUPsQTo2F52fKi7hD3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78efadde1313a790a832efc377c00ab0_NeikiAnalytics

Files

78efadde1313a790a832efc377c00ab0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

e7dd4c4f5fbc6d75cac0ed21d3a63650

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xppui2

XBPBROWSE
XBPCOLUMN

xpprt1

?prepareOpStack
?ehIsError
?ehSetContext
?setjmp
?exeNativeError
?exeStackUnwind
?momSOn
?symContextInit
?retNil
?conNRelease
?frameExit
?ehUnwind
__vft18ConUndefinedObject10AtomObject
?conNAllocL
?domAssign
?momSOff
DBELOAD
?domNot
?retStackValue
MSGBOX
DBESETDEFAULT
?conNReleaseL
_QUIT
?conNewNil
BREAK
?pushCodeBlock
ERRORBLOCK
DBUSEAREA
?ehUnsetContext
?ehGetBreakContainer
?conRelease
CHR
SETAPPWINDOW
?conAssignRefWMember
?conMemberToItem
__vft19ConNumericIntObject10AtomObject
?conSendItem
SETAPPFOCUS
APPEVENT
?passParameter
DBGOTOP
DBGOBOTTOM
RECNO
DBPOSITION
DBGOPOSITION
?retStackItem
ACREATE
APPDESKTOP
?domValXEql
NATIONMSG
?domGetElem
?domSub
?domDiv
INT
RLOCK
?executeLMacro
DBUNLOCK
__vft20ConStringConstObject10AtomObject
STR
LTRIM
VAL
?domRefElem
TRIM
EVAL
LEN
?domGCmp
?orShortCut
?domLCmp
?domOr
?getRCFC
__vft21ConNumericFloatObject10AtomObject
__vft14ConLogicObject10AtomObject
__vft14ConStringShort10AtomObject
?nomClassLock
?nomClassUnlock
?retObject
?conGetClass
?nomCreateClass
?nomDefineVar
?nomDefineMethod
?nomRedefineVarOfClass
?nomEndClassDefinition
?conNewExtObject
?nomCallInitClass
?conGetSelfClass
?domSubEqu
?domAddEqu
ACLONE
?nomDefineVarMethod
PCOUNT
VALTYPE
UPPER
ASCAN
?conNewCon
AEVAL
ARRAY
?domXEql
?domNEql
?andShortCut
?domAnd
POSTAPPEVENT
ERROR
?domAdd
PROCNAME
EMPTY
?domValNEql
MEMOLINE
MIN
MAX
GET
ABS
XBPCLIPBOARD
TRANSFORM
SET
?domDec
?domInc
?domGECmp
?domLECmp
?domSubStr
TONE
SUBSTR
?symRefItemConst
?getWFPC
?getRFPC
_iniExitProcedureList
___iniStart
___iniGetDLLInitHook
__This_executable_needs_version_1_90_0
___xpprt1Version
TBROWSE
TBCOLUMN
?pushDynamicCodeBlock
LASTREC
DBSKIP
EOF
?domValLCmp
?domValGCmp
BOF
SETKEY
PROCLINE
SETAPPEVENT
LASTKEY
?conNewString
?domValGECmp
DLLLOAD
DLLCALL
DLLUNLOAD
XBPBASEDIALOG
XBPBASECRT
XBPBASECOMBOBOX
XBPBASELISTBOX
XBPBASEPUSHBUTTON
XBPBASESPINBUTTON
XBPBASEMENUBAR
XBPBASEMENU
XBPBASESLE
XBPBASEMLE
XBPBASETREEVIEW
XBPBASETREEVIEWITEM
XBPBASE3STATE
XBPBASETABPAGE
XBPBASESCROLLBAR
XBPBASECHECKBOX
XBPBASERADIOBUTTON
XBPBASESTATIC
XBPBASEPRESSPACE
SETMOUSE
BAND
AT
RIGHT
SHELLLINKRESOLVE
FOPEN
FSIZE
FREADSTR
FCLOSE
GRAQUERYTEXTBOX
?conOpNewInt
L2BIN
?domMul
CONVTOANSICP
REPLICATE
BIN2L
MAXROW
SETPOS
INKEY
LEFT
QQOUT
DISPOUT
ROW
COL
SPACE
?domValEql
LOADRESOURCE
THREADID
DOSERROR
WORKSPACELIST
?setSWArea
DBCOMMIT
?restWArea
DBCLOSEAREA
DBRROLLBACK
DBSESSION
?domEql
ISFUNCTION
?executeMacro
AADD
DOSERRORMESSAGE
APPTYPE
ALERT
_BREAK
ERRORLEVEL
ISMETHOD
STRTRAN
CONFIRMBOX
ROOTCRT
PADL
QOUT
OUTERR
APPNAME
DATE
TIME
VERSION
OS
VAR2CHAR
MLCOUNT
RTRIM
LASTAPPEVENT
ATAIL
ASIZE

xppdbgc

__XPPdbgClient

Sections

.text
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7dd4c4f5fbc6d75cac0ed21d3a63650

Headers

File Characteristics

Imports

xppui2

xpprt1

xppdbgc

Sections

.text Size: 363KB - Virtual size: 363KB

.data Size: 45KB - Virtual size: 45KB

.xpp Size: 3KB - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 5KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 363KB - Virtual size: 363KB

.data
Size: 45KB - Virtual size: 45KB

.xpp
Size: 3KB - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 15KB - Virtual size: 14KB