Static task
static1
Behavioral task
behavioral1
Sample
aa3d20e7f9f884d524daf8ce7b01fea0_NeikiAnalytics.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
aa3d20e7f9f884d524daf8ce7b01fea0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
Target
aa3d20e7f9f884d524daf8ce7b01fea0_NeikiAnalytics.exe
Size
160KB
MD5
aa3d20e7f9f884d524daf8ce7b01fea0
SHA1
d2207d8456c6c032ceb6548365b8b8f4f9b43150
SHA256
9c1d639ba26a800773b95a68d187473c69d6761da72864674d2e154bded85c49
SHA512
c534b04585568d70659a3ee4c04cd606abf57b4754565b9062c65b96ec32985bda1ff77fc2011fbd4a9a399e4c0e414400f5600a29c7d7678664e94353f1b938
SSDEEP
3072:ghRFyPwZz6gCIlFnCr19/FUzt0VtqVdIIEJDuz71Y1SRPVTqGW6NYdYDcuSRB04R:ghRUPwZz6gCIlFnCr19/FUztyqVdIIEX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aa3d20e7f9f884d524daf8ce7b01fea0_NeikiAnalytics.exe
Files
aa3d20e7f9f884d524daf8ce7b01fea0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
7157bbfc5ad92df62dececd406da2a12
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
lstrcmpA
DeleteFileA
MoveFileA
GetFileAttributesA
CopyFileA
CreateDirectoryA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ResumeThread
SetFileAttributesA
GetFileInformationByHandle
WaitForMultipleObjects
PeekNamedPipe
CreateProcessA
CreatePipe
GetSystemTime
CompareStringA
FreeLibrary
CreateMutexA
ReleaseMutex
DuplicateHandle
GetTickCount
LocalFree
LocalAlloc
VirtualAlloc
GetModuleHandleA
WriteProcessMemory
GetCurrentProcessId
HeapAlloc
GetProcessHeap
HeapFree
GetModuleFileNameA
VirtualFree
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
OpenFileMappingA
VirtualProtect
MapViewOfFile
SearchPathA
GetCurrentThread
GetSystemDirectoryA
GetCommandLineA
lstrcmpiA
OpenProcess
TerminateProcess
MultiByteToWideChar
lstrcpynA
WaitForSingleObject
SetFilePointer
WideCharToMultiByte
GetLastError
GetComputerNameA
GetSystemInfo
lstrcatA
GetVersionExA
GlobalMemoryStatus
GetDriveTypeA
GetDiskFreeSpaceA
lstrlenA
lstrcpyA
Sleep
GetCurrentProcess
SetPriorityClass
CreateThread
SetThreadPriority
CreateFileA
CloseHandle
GetFileSize
WriteFile
GetFullPathNameA
ReadFile
user32
PostThreadMessageA
CreateWindowExA
DestroyWindow
IsWindow
SendMessageA
CharUpperA
GetDesktopWindow
MessageBoxA
SetWindowsHookExA
PeekMessageA
RegisterClassA
SetKeyboardState
DispatchMessageA
UnhookWindowsHookEx
CallNextHookEx
GetActiveWindow
GetWindowTextA
GetKeyNameTextA
GetKeyboardState
ToAscii
CharToOemA
DefWindowProcA
GetMessageA
ExitWindowsEx
wsprintfA
gdi32
CreateDCA
GetDeviceCaps
CreateCompatibleDC
DeleteDC
CreateDIBSection
SelectObject
BitBlt
DeleteObject
GetDIBColorTable
advapi32
RegEnumKeyExA
RegSetValueExA
RegCreateKeyA
RegConnectRegistryA
RegOpenKeyA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetUserNameA
RegCreateKeyExA
RegDeleteKeyA
shell32
SHFileOperationA
wsock32
listen
bind
htons
socket
send
connect
ioctlsocket
recv
__WSAFDIsSet
select
inet_ntoa
WSACleanup
WSAStartup
ntohs
gethostname
getsockname
recvfrom
sendto
closesocket
gethostbyaddr
gethostbyname
setsockopt
accept
avicap32
capCreateCaptureWindowA
capGetDriverDescriptionA
winmm
PlaySoundA
Sections
.text Size: 116KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.plugins Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ