8f75daa39e3ae779319a6a1812945a90_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8f75daa39e3ae779319a6a1812945a90_NeikiAnalytics.exe
Size

215KB
MD5

8f75daa39e3ae779319a6a1812945a90
SHA1

0dc0f4ee5e43c27bc099ec2c46bc2f9d5da2417d
SHA256

0c22ca512ff0159e75efe633969076a66f806ff520f2a3c329c4cc18ace8b71f
SHA512

4e73c1541af689307abae4aacc7039347b9be2b03e8f02cbb81669627a5f44a83ce92ba5bfe2b454f60bdc8ea2f6758f0c97b7c0c08df25ce38d9f44b9595673
SSDEEP

3072:ZoAbvJrZ/CEp1Td3INNAILgwKRpP3fJ2pwLAt/iw1JmWTe1eyfLUH+xW6Lyk:Z7vJN/CE/TZINiPPBIwcuWTegi9W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f75daa39e3ae779319a6a1812945a90_NeikiAnalytics.exe

Files

8f75daa39e3ae779319a6a1812945a90_NeikiAnalytics.exe
.exe windows:1 windows x86 arch:x86

a0f41bd5de82cbb844f692b48ffd09bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
GetFileTime
GetPriorityClass
OpenMutexW
lstrcatA
GetShortPathNameW
GlobalFindAtomW
GetWindowsDirectoryW
GetProcAddress
GetDateFormatW
CreateMutexA
GetModuleHandleA
CopyFileA
lstrcmpW
CreateFileMappingW
FindAtomW
GetLastError
GetExpandedNameA
OpenEventA
GetUserDefaultLangID
CreateFileMappingA
CreateDirectoryA
ReadDirectoryChangesW
GetCurrentDirectoryA
lstrcmpA
FatalAppExitW
SetEvent
GetEnvironmentStringsW
GetExpandedNameW
lstrlenA
GetNumberFormatW
GetFileType
EnumDateFormatsW
DosDateTimeToFileTime
GetStringTypeA
lstrcmpW
IsBadReadPtr
EndUpdateResourceA
TlsAlloc
OpenSemaphoreW
GetStartupInfoW
GetCurrentProcess
GetFullPathNameA
GetTickCount
GetHandleInformation
GetCurrentThread
GetTempPathW
OpenEventW
GetFullPathNameW
EnumTimeFormatsW
GetVolumeInformationW
FatalAppExitA
lstrcpyA
lstrlenW
CreateNamedPipeW
lstrcmp
FileTimeToSystemTime
GetAtomNameW
DisconnectNamedPipe

user32

CharNextW
EnumDesktopsW
MessageBeep
DialogBoxParamA
GetClassNameW
CallWindowProcA
InsertMenuItemA
SetCursor
FlashWindow
WaitForInputIdle
EnumDesktopsA
RegisterClassExW
ChildWindowFromPoint
LoadBitmapW
CharLowerA
GetForegroundWindow
DrawTextW
UnregisterClassA
CopyImage
CreateDialogParamA
GetDlgItemInt
CopyRect
SetWindowLongW
DefDlgProcW
SetWindowTextW
EnableMenuItem
CreateDialogParamW
GetScrollPos
GetSysColor
GetMenuItemInfoA
RegisterClassA
LoadImageW
DialogBoxParamW
DefWindowProcA
GetClassInfoW
PeekMessageW
GetDC
DefFrameProcW
GetClassInfoExW
wvsprintfA
GetWindowTextLengthA
DeleteMenu
CopyIcon
SetCursorPos
SendMessageW
FindWindowW
CreatePopupMenu
ActivateKeyboardLayout
LoadCursorW
IsIconic
wvsprintfW
MessageBoxA
GetSubMenu
SetDlgItemTextA
IsWindow

gdi32

SelectClipPath
SetROP2
SetDIBits
CreateFontW
GetFontData
GetDeviceCaps
GetArcDirection
GetGraphicsMode
CloseMetaFile
SetViewportOrgEx
EnumFontFamiliesW
EnumFontFamiliesExW
ExtEscape
CreateSolidBrush
GetClipRgn
GetPaletteEntries
CreateMetaFileA
GetEnhMetaFileHeader
RemoveFontResourceW
GetICMProfileW
GetCharABCWidthsFloatA

advapi32

RegSetValueA
RegEnumValueW
RegEnumKeyW
RegFlushKey
RegDeleteKeyW
RegRestoreKeyW
RegDeleteValueA
RegQueryInfoKeyA

shell32

StrNCmpIA
StrCmpNIW
ShellExecuteW
SHBrowseForFolderW

comdlg32

PrintDlgA
GetFileTitleW
PrintDlgExA
PageSetupDlgW
ReplaceTextA
ReplaceTextW
GetSaveFileNameW
ChooseFontA
PrintDlgExW
PageSetupDlgA
LoadAlterBitmap

ole32

CoGetClassObject
GetClassFile
CoGetInstanceFromIStorage
BindMoniker
CoGetDefaultContext
OleUninitialize
CoCreateInstance
CoGetMalloc

ws2_32

WSADuplicateSocketW
send
getservbyport
WSADuplicateSocketA
accept
gethostname

winmm

mixerClose
midiInAddBuffer
PlaySound
midiInPrepareHeader
midiInGetID
mmioAscend
waveInGetNumDevs
mmioClose

winspool.drv

EnumPrintProcessorsW
EnumPrintersA
StartDocDlgA
EnumPrintProcessorsA
ConvertAnsiDevModeToUnicodeDevmode
StartPagePrinter
GetPrintProcessorDirectoryW
AddPrinterW
SetPrinterDataA

inetcomm

EssReceiptRequestDecodeEx
MimeOleParseMhtmlUrl
EssSecurityLabelEncodeEx
MimeOleGetCodePageInfo
MimeOleSMimeCapAddSMimeCap
MimeOleOpenFileStream
MimeOleSMimeCapGetEncAlg
MimeEditDocumentFromStream

oledlg

OleUIObjectPropertiesA
OleUIEditLinksW
OleUIInsertObjectA
OleUIPasteSpecialA
OleUIChangeSourceA
OleUIBusyW
OleUIChangeIconW
OleUIInsertObjectW

wsock32

WSAStartup
GetNameByTypeW
WSASetBlockingHook
EnumProtocolsA
htons
WSAStartup
select
send

Sections

.rdata
Size: 1KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0f41bd5de82cbb844f692b48ffd09bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

ole32

ws2_32

winmm

winspool.drv

inetcomm

oledlg

wsock32

Sections

.rdata Size: 1KB - Virtual size: 26KB

.edata Size: 1024B - Virtual size: 7KB

.rdata Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.edata Size: 1024B - Virtual size: 22KB

.edata Size: 1KB - Virtual size: 17KB

.rdata Size: 1024B - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 6KB

.edata Size: 1KB - Virtual size: 15KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 26KB

.edata
Size: 1024B - Virtual size: 7KB

.rdata
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.edata
Size: 1024B - Virtual size: 22KB

.edata
Size: 1KB - Virtual size: 17KB

.rdata
Size: 1024B - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 6KB

.edata
Size: 1KB - Virtual size: 15KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 36KB