_mFdllinfo
Static task
static1
Behavioral task
behavioral1
Sample
08430af16188397e6f188e70537a6f663b8168d9b2150210cfbc4241282e30b0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
08430af16188397e6f188e70537a6f663b8168d9b2150210cfbc4241282e30b0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
08430af16188397e6f188e70537a6f663b8168d9b2150210cfbc4241282e30b0_NeikiAnalytics
-
Size
396KB
-
MD5
b914177884aac3cf612c5ab5fd9f3f40
-
SHA1
ce73db5f4e32d383324f0136dba14527a3610bbe
-
SHA256
08430af16188397e6f188e70537a6f663b8168d9b2150210cfbc4241282e30b0
-
SHA512
e190b65ec2a88788ad15c28221afe40af021366f2a642ea550b8d883e045f11686190f833ac1f3ea294717772675511de46f047a6ec4fb2bbf0f917a520b579d
-
SSDEEP
6144:Ty7Xw2bGzKBYejiQdVjQXIk4z7foiw2AW5tQGEs3kGXec1WqwkYWMyqQBhB84Avy:TyPjMf4zkidtZkGON4Rz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
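Checks for a missing Authenticode signature: the PE file listed below is unsigned, so its publisher and integrity cannot be verified from a signature. Many legitimate binaries are also unsigned, so this indicator is weak on its own.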
resource 08430af16188397e6f188e70537a6f663b8168d9b2150210cfbc4241282e30b0_NeikiAnalytics
Files
-
08430af16188397e6f188e70537a6f663b8168d9b2150210cfbc4241282e30b0_NeikiAnalytics.exe windows:4 windows x86 arch:x86
42dddbab6625ef4fb36951367263e811
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
cblrtss
_mFiD789
_mFiD7B7
CBL_CLASSIFY_DBCS_CHAR
_mFiD7D9
CBL_ALLOC_MEM
CBL_FREE_MEM
_mFiD7F6
_mFiD7BA
_mFiD791
ord1015
ord1245
CBL_FN_INTEGER
ord1250
_mFiD7A1
_mFiD7CC
_mFiD7B9
_mFiD7B5
ord1006
_mFiD7AA
_mFgF802
_mFiD7CB
_mFgF803
_mFiD7E6
_mFiD7E4
CBL_READ_SCR_CHATTRS
_mFgCE
EXTFH
_mFgF813
_mFgF811
_mFiD78D
_mFiD7E3
CBL_INIT_MOUSE
CBL_GET_MOUSE_POSITION
CBL_TERM_MOUSE
CBL_SET_MOUSE_MASK
CBL_GET_MOUSE_MASK
CBL_SET_MOUSE_POSITION
_COYIELD
PC_READ_KBD_SCAN
_mFiD7B4
CBL_READ_MOUSE_EVENT
_mFiD781
_mFiD783
CBL_GET_MOUSE_STATUS
_mFgproglink
_mFgprogunlock
mF_eloc
CBL_EXIT_PROC
CBL_GET_OS_INFO
CBL_DELETE_FILE
CBL_GET_CURRENT_DIR
ord1021
ord1155
cobgetenv
CBL_TOUPPER
ord1246
ord1156
ord1244
CBL_CANCEL
CBL_GET_PROGRAM_INFO
CBL_FILENAME_CONVERT
CBL_MBCS_CHAR_LEN
CBL_SPLIT_FILENAME
CBL_JOIN_FILENAME
CBL_GET_FILE_INFO
CBL_NLS_GET_MSG
CBL_SHOW_MOUSE
_mFgAE
CBL_CTF_TRACER_LEVEL_GET
ord1275
CBL_CTF_TRACER_NOTIFY
CBL_CTF_COMP_PROPERTY_GET
ord1266
ord1001
CBL_CTF_TRACE
_mFgF801
CBL_OPEN_FILE
CBL_CLOSE_FILE
CBL_FLUSH_FILE
CBL_CHECK_FILE_EXIST
CBL_CREATE_FILE
CBL_WRITE_FILE
CBL_READ_FILE
ord1471
ord1370
CBL_RENAME_FILE
ord1701
CBL_CMPNLS
ord1461
ord1294
ord1333
_mFgF800
ord1475
_mFgF806
ord1448
ord1389
cob_COYIELD
CBL_FN_CURRENT0DATE
ord1574
ord1573
ord1267
ord1579
ord1578
mF_tmpfilename
ord1463
_mFgproglock
_mFerr
CBL_COPY_FILE
CBL_LCKFILE
CBL_UNLFILE
CBL_UNLOCK
CBL_SET_SEMAPHORE
CBL_FREE_SEMAPHORE
CBL_TEST_LOCK
CBL_GET_LOCK
CBL_FREE_LOCK
CBL_OPEN_VFILE
CBL_CLOSE_VFILE
CBL_READ_VFILE
CBL_WRITE_VFILE
CBL_FN_UPPER0CASE
ord1307
ord1190
ord1206
ord1186
CBL_LOCATE_FILE
_mFginitdat_dll
ord969
ord733
ord968
ord2038
ord2006
CBL_HIDE_MOUSE
_mFiD7E5
_mFiD782
ord1016
_mFiD7B0
_mFiD7B3
_mFiD78F
_mFiD7A7
_mFgprogchain
_mFgtypecheck
_mFgprogcheckexit
ord1424
ord1379
_mFgF805
ord1012
ord1304
_mFgmain2
_mFgWinMain2
_mFfindp
CBL_CTF_TRACER_GET
_mFgprogunchain
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
kernel32
GetCommandLineA
GetModuleHandleA
Exports
Exports
Sections
.text Size: 380KB - Virtual size: 376KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE