81a57e8faaaf2b2f452da1feb78a8810_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

81a57e8faaaf2b2f452da1feb78a8810_NeikiAnalytics.exe
Size

3.1MB
MD5

81a57e8faaaf2b2f452da1feb78a8810
SHA1

5856bd42f51df1363297bd2a51f3c0ef416993fb
SHA256

f0e28ed771354e502f928c3151aa0a0ec7241a0ed8bb72427dba54c95e06a45e
SHA512

61b2e496efe3cfc6e3f6f69ef6fcc36852a4893aa90860a0f90ec6250764940ab928e8aa78aa90bb276d45a827df5bf9cb7c88a8554ec1c81efdc958d77eb8f8
SSDEEP

98304:R6Q7SpY/Hk1oBVEIoaBQEYFoU2YNjDIUYj6nUh:IQ2pyk1aEE+oDcgx6i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81a57e8faaaf2b2f452da1feb78a8810_NeikiAnalytics.exe

Files

81a57e8faaaf2b2f452da1feb78a8810_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

1dfb88437352c0f6d5952003fbeb82fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
CloseServiceHandle
OpenSCManagerA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyExA
CreateServiceA
QueryServiceStatus
ControlService
StartServiceA
OpenServiceA
DeleteService

kernel32

SetFileAttributesA
CopyFileA
GetWindowsDirectoryA
GetSystemDirectoryA
lstrcpyA
GetModuleHandleA
OpenFile
lstrlenA
LocalAlloc
RemoveDirectoryA
WriteFile
CloseHandle
ReadFile
GlobalFree
CreateFileA
GlobalAlloc
Sleep
FindClose
FindFirstFileA
MoveFileA
CreateDirectoryA
DeviceIoControl
GetVersion
OpenProcess
TerminateProcess
CreateEventA
LocalReAlloc
GetCurrentProcessId
WaitForSingleObject
SetEvent
GetVersionExA
LoadLibraryA
GetModuleFileNameA
GetStartupInfoA
GetCommandLineA
ExitProcess
DeleteFileA
GetCurrentProcess
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
WideCharToMultiByte
LocalFree
SetLastError
HeapFree
GetFileAttributesA
GetProcAddress
FreeLibrary

user32

SendMessageA
GetDlgItem
GetKeyboardType
EnumWindows
GetWindowTextA
GetParent
IsWindowVisible
GetWindowThreadProcessId
PeekMessageA
SendMessageCallbackA
SetForegroundWindow
FindWindowA
DialogBoxParamA
MessageBoxA
PostQuitMessage
DestroyWindow
ShowWindow
UpdateWindow
EndPaint
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
BeginPaint
EndDialog

gdi32

SetBkColor
TextOutA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

haspds_windows

haspds_UnInstall
haspds_Install
haspds_GetLastErrorMessage
haspds_GetInfo
haspds_GetLastError

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.8MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1dfb88437352c0f6d5952003fbeb82fd

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

version

haspds_windows

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 2.8MB - Virtual size: 2.9MB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 2.8MB - Virtual size: 2.9MB

.rsrc
Size: 76KB - Virtual size: 76KB