7f8152a8f5f9daad1351d39bf40802a0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7f8152a8f5f9daad1351d39bf40802a0_NeikiAnalytics.exe
Size

248KB
MD5

7f8152a8f5f9daad1351d39bf40802a0
SHA1

cd401b15e0f2c7db6eb0ab03847c384f23d27b95
SHA256

3bd84e2884a6574a28185971e6b713381c0868e2c56ee3d2b29ec3927543355c
SHA512

0823af5f3c953c648f12ffe03d5e4faee17a5b7e1a781ab3c3442224f6ec9ce554d132f549806a086dd4e9c56b8704c53a01f6ab44770c09b3cf616013b369b2
SSDEEP

3072:c9l9LyFSQLvmBVG1LtzXyVnnHpIgFlWW8Bifo3i8Fwn7P05wDKHK:cJlQL0VG1LtzXunHCA8iPKHK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f8152a8f5f9daad1351d39bf40802a0_NeikiAnalytics.exe

Files

7f8152a8f5f9daad1351d39bf40802a0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

97e48517fbf180f4cf4286b2b247a579

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
OpenProcess
GetUserDefaultLCID
Sleep
ReadFile
FreeResource
LockResource
LoadResource
FindResourceA
GetTickCount
CreateThread
MulDiv
GlobalFlags
_lclose
_hread
_llseek
_lopen
SetLastError
GetUserDefaultLangID
GetModuleFileNameA
CreateProcessA
LocalAlloc
WaitForSingleObject
MultiByteToWideChar
LocalFree
lstrcatA
CreateFileA
DeviceIoControl
CloseHandle
lstrcmpA
lstrcpyA
WideCharToMultiByte
SizeofResource
GetVersionExA
EnterCriticalSection
WriteFile
VirtualFree
InitializeCriticalSection
HeapDestroy
GetEnvironmentVariableA
HeapCreate
GetFileType
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsAlloc
HeapSize
HeapAlloc
HeapFree
GetCurrentProcess
TerminateProcess
HeapReAlloc
GetVersion
GetCommandLineA
ExitProcess
GetModuleHandleA
RtlUnwind
GetStartupInfoA
GlobalFree
GlobalUnlock
lstrlenA
GlobalAlloc
GetLastError
GlobalLock
FreeLibrary
GetProcAddress
lstrcmpiA
IsDBCSLeadByte
LeaveCriticalSection
LoadLibraryA
IsBadWritePtr
GetComputerNameA
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
InterlockedIncrement
GetOEMCP
LCMapStringA
InterlockedDecrement
LCMapStringW

user32

PostQuitMessage
CharNextA
GetSystemMetrics
IsCharAlphaA
IsCharAlphaNumericA
CharPrevA
MessageBoxA
wsprintfA
LoadCursorA
LoadIconA
DefWindowProcA
RegisterWindowMessageA
DestroyWindow
LoadStringA
SendMessageA
GetParent
KillTimer
SetWindowLongA
GetClientRect
SetTimer
ClientToScreen
EnableWindow
InvalidateRect
SetFocus
SetDlgItemTextA
UpdateWindow
IsIconic
GetClassInfoExA
GetWindowTextLengthA
GetWindowTextA
GetMessageA
RegisterClassExA
SetCursor
EndDialog
TranslateMessage
DispatchMessageA
DestroyIcon
CreateDialogIndirectParamA
DialogBoxIndirectParamA
DrawIcon
EndPaint
IntersectRect
CreateWindowExA
BeginPaint
LoadBitmapA
SetWindowTextA
ShowWindow
ScreenToClient
ReleaseDC
GetDlgItem
GetWindowRect
SetWindowPos
GetWindow
PeekMessageA
PostMessageA
GetDC
GetWindowLongA

gdi32

RealizePalette
CreateCompatibleDC
GetDeviceCaps
DeleteObject
CreateDIBitmap
SelectPalette
CreatePalette
GetTextExtentPointA
BitBlt
SelectObject
FillRgn
CombineRgn
CreateRectRgn
GetObjectA
GetStockObject

winspool.drv

SetPrinterA
GetPrinterA
GetPrinterDriverA
GetPrinterDataA
DeletePrinterConnectionA
DeletePrinter
AddPrinterA
ClosePrinter
OpenPrinterA
GetPrinterDriverDirectoryA
EnumPortsA
EnumPrintersA

advapi32

RegEnumKeyExA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97e48517fbf180f4cf4286b2b247a579

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 124KB - Virtual size: 123KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 124KB - Virtual size: 123KB