24df4d65756cb8b52810a9bec3c26f90_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

24df4d65756cb8b52810a9bec3c26f90_NeikiAnalytics.exe
Size

579KB
MD5

24df4d65756cb8b52810a9bec3c26f90
SHA1

3103e5f973082d111be27da535aef952ffe6865b
SHA256

3a418f64f18c2f4a6963f66220ce256c9e3f0caac4b4a23811642bcaf58a2a61
SHA512

ce3bad232677b1ddfcb7c813daf8b05a28568d83ac306f1f82c3fe83441bafb3b8f9b65e617f35795f59fc122b29761a79dde353380836b87782653c0f930704
SSDEEP

3072:85jj6JxDvrbxDbPgP7seS4LScZ6dgfmaO:5Jnx3u7Y4LB6dgfmaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24df4d65756cb8b52810a9bec3c26f90_NeikiAnalytics.exe

Files

24df4d65756cb8b52810a9bec3c26f90_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

05a9209ad6d6b541ec54e0d49cbf192b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xbtbase1

TIMETOSEC
FILECOPY
SAVETOKEN
TOKENINIT
TOKENEND
TOKENNEXT
RESTTOKEN

xbtbase2

DISKNAME
DIRNAME

xpprt1

?prepareOpStack
?ehIsError
?ehSetContext
?setjmp
?exeNativeError
?exeStackUnwind
?momSOn
?symContextInit
?retStackItem
?conNRelease
?frameExit
?ehUnwind
__vft14ConLogicObject10AtomObject
__vft18ConUndefinedObject10AtomObject
?conNAllocL
?momSOff
DIRECTORY
ACREATE
?symPublicConst
LEN
DTOS
STRZERO
VAL
AADD
?symGetItemConst
?conSendItem
SLEEP
?domAssign
FILE
?retStackValue
RUNSHELL
MSGBOX
?conNReleaseL
?passParameter
?conNewNil
?domValXEql
?conAssignRefWMember
?conMemberToItem
?symRefItemConst
NATIONMSG
__vft19ConNumericIntObject10AtomObject
__vft21ConNumericFloatObject10AtomObject
__vft20ConStringConstObject10AtomObject
__vft14ConStringShort10AtomObject
?domValEql
MEMOREAD
?domValSubStr
?domGetElem
?domSubStr
?andShortCut
?domAnd
ALLTRIM
STRTRAN
ARRAY
?domRefElem
?domDiv
?conNewCon
CHR
?domNot
EMPTY
?conRelease
_iniExitProcedureList
___iniStart
___iniGetDLLInitHook
__This_executable_needs_version_1_90_0
___xpprt1Version
?conNewString
DLLLOAD
DLLCALL
DLLUNLOAD
?nomClassLock
?nomClassUnlock
?retObject
XBPBASEDIALOG
?conGetClass
?nomCreateClass
?nomDefineVar
?nomDefineMethod
?nomEndClassDefinition
?conNewExtObject
?nomCallInitClass
?conGetSelfClass
XBPBASECRT
XBPBASECOMBOBOX
XBPBASELISTBOX
XBPBASEPUSHBUTTON
XBPBASESPINBUTTON
XBPBASEMENUBAR
XBPBASEMENU
XBPBASESLE
XBPBASEMLE
XBPBASETREEVIEW
XBPBASETREEVIEWITEM
XBPBASE3STATE
XBPBASETABPAGE
XBPBASESCROLLBAR
XBPBASECHECKBOX
XBPBASERADIOBUTTON
XBPBASESTATIC
XBPBASEPRESSPACE
?domXEql
?orShortCut
?domOr
SETMOUSE
ACLONE
INT
?domSub
?domNEql
BAND
VALTYPE
AT
?domAdd
UPPER
?pushDynamicCodeBlock
ASCAN
RIGHT
SHELLLINKRESOLVE
AEVAL
FOPEN
FSIZE
FREADSTR
FCLOSE
SUBSTR
PCOUNT
?domLCmp
?domValNEql
GRAQUERYTEXTBOX
?domAddEqu
?conOpNewInt
L2BIN
?domMul
SET
CONVTOANSICP
SETAPPWINDOW
?domGCmp
SETAPPFOCUS
APPEVENT
SETAPPEVENT
EVAL
?retNil
REPLICATE
BIN2L
LOADRESOURCE
PROCNAME
THREADID
DOSERROR
ERRORBLOCK
ERROR
BREAK
WORKSPACELIST
?setSWArea
DBCOMMIT
?restWArea
DBCLOSEAREA
?ehUnsetContext
?ehGetBreakContainer
DBRROLLBACK
DBELOAD
ALERT
DBEBUILD
DBSESSION
?domEql
ISFUNCTION
?executeMacro
STR
LTRIM
DOSERRORMESSAGE
APPTYPE
ROW
COL
SETPOS
_BREAK
ERRORLEVEL
_QUIT
ISMETHOD
?domInc
TRIM
PROCLINE
?floadTos
CONFIRMBOX
?domValGCmp
ROOTCRT
PADL
TONE
QOUT
OUTERR
APPNAME
DATE
TIME
VERSION
OS
SPACE
VAR2CHAR
QQOUT
MLCOUNT
MEMOLINE
RTRIM
LEFT

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpp
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 410KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05a9209ad6d6b541ec54e0d49cbf192b

Headers

File Characteristics

Imports

xbtbase1

xbtbase2

xpprt1

Sections

.text Size: 141KB - Virtual size: 140KB

.data Size: 14KB - Virtual size: 14KB

.xpp Size: 2KB - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 410KB - Virtual size: 410KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 141KB - Virtual size: 140KB

.data
Size: 14KB - Virtual size: 14KB

.xpp
Size: 2KB - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 410KB - Virtual size: 410KB

.reloc
Size: 6KB - Virtual size: 5KB