7739ea30c37dcee9e73e8a5ab91eaf70_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

7739ea30c37dcee9e73e8a5ab91eaf70_NeikiAnalytics.exe
Size

601KB
MD5

7739ea30c37dcee9e73e8a5ab91eaf70
SHA1

299ab6a716a1fec161a2e87c7816d0c0de32f436
SHA256

f1be1527d5615b74c6ee6a73ad3aa164f2071ec4f2fe8b6e2a7e76a7e57bc37d
SHA512

4f108d8b111368ea304a3dee8576023a9d40fd20863141469c141319fa3f1464f4513b1867c92ddec5ecf43e9cfab503d9036c62c14144d5c1f7d927fe7f47c5
SSDEEP

12288:TZJYswfXG5EIs1XHy7W5OPV9f1jCdJozSGKkyJxnpFx:TZJWXVIs1XHhEhMjZGMLnL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7739ea30c37dcee9e73e8a5ab91eaf70_NeikiAnalytics.exe

Files

7739ea30c37dcee9e73e8a5ab91eaf70_NeikiAnalytics.exe
.dll regsvr32 windows:4 windows x64 arch:x64

c56357e768384a86a01d3fa40a982f19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
HeapAlloc
HeapFree
HeapReAlloc
FlsSetValue
GetCommandLineA
GetProcessHeap
HeapSize
FlsGetValue
FlsFree
FlsAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
Sleep
GetStdHandle
HeapSetInformation
HeapCreate
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetACP
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
GetThreadLocale
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
lstrcmpW
GetVersionExA
GetModuleHandleA
GetProcAddress
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetLastError
lstrlenA
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
ExitProcess
VirtualAlloc
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
HeapDestroy
SizeofResource

user32

GetSysColorBrush
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
PostQuitMessage
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
UnregisterClassA
GetPropA
RemovePropA
GetFocus
IsWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
CopyRect
GetClientRect
GetDC
ReleaseDC
InvalidateRect
SetTimer
EnableWindow
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowPos
SystemParametersInfoA
DestroyMenu
SetPropA
LoadCursorA
DrawIcon
SendMessageA
IsIconic
LoadIconA
GetSystemMetrics
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
TabbedTextOutA
GetWindowPlacement
GetWindowRect
GetWindow
GetSysColor
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
SetFocus

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetObjectA
CreateFontA
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateDIBSection
DeleteObject
SetDIBitsToDevice
GetTextMetricsA
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

shlwapi

PathFindExtensionA

ole32

CoLoadLibrary
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

DllRegisterServer
ETZkUkYCAQUjKnhxQ
FIhCpHbEPLwqlUzjn
GOFMcoHYDXthNEGGu
QiXzTdykwYbQKbtAc
kCeqIRpvdTyNXmLAt
wpBynvjTchaYIdpIC

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c56357e768384a86a01d3fa40a982f19

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 248KB

TEXT Size: 1KB - Virtual size: 1KB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 13KB - Virtual size: 36KB

.pdata Size: 18KB - Virtual size: 18KB

.rsrc Size: 224KB - Virtual size: 223KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 248KB - Virtual size: 248KB

TEXT
Size: 1KB - Virtual size: 1KB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 13KB - Virtual size: 36KB

.pdata
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 224KB - Virtual size: 223KB

.reloc
Size: 10KB - Virtual size: 10KB