26c73eecbdd0bd5c662cd734a5721380_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

26c73eecbdd0bd5c662cd734a5721380_NeikiAnalytics.exe
Size

11KB
MD5

26c73eecbdd0bd5c662cd734a5721380
SHA1

91a8c43d73db9c1155178a30a59649abef49e3f1
SHA256

e5aeca4f646c82e43e3a5ba0de6a0a546ff5b359a6eaa4db9f769573d3ccd37d
SHA512

ac8ddafba582a01410827d8c6318f5c4fde91338e7f1464220e923c47a13458f1d26ff8e68b0fd8f17c1cd0fbd4130b7fe7765e97fffe26040cbaf6eea3671d6
SSDEEP

192:1sfgShUvmylZCW1Ky7oUA1hwN20XIovTwK3i2iZb:aTUv9ZiCoB161XJvTHi2iZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26c73eecbdd0bd5c662cd734a5721380_NeikiAnalytics.exe

Files

26c73eecbdd0bd5c662cd734a5721380_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

cf5b6a7ab041912d32979fd9368b4b4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71

ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord757
ord3210
ord1934
ord3287
ord1280
ord1279
ord764
ord602
ord1929
ord5976
ord5641
ord5647
ord347
ord765
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1120
ord1201
ord1175
ord1177
ord314
ord1209
ord1084
ord1092
ord1167
ord3718
ord2533
ord2646
ord2540
ord2838
ord2714
ord4307
ord2835
ord2731
ord2537
ord3830
ord5566
ord5213
ord5230
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord581
ord3683
ord4038
ord4014
ord6278

msvcr71

malloc
free
_except_handler3
__CxxFrameHandler
??2@YAPAXI@Z
memset
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??1type_info@@UAE@XZ
__security_error_handler
?terminate@@YAXXZ

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalFree
CreateThread
Sleep
GetVersionExA

user32

LoadCursorA
SetCursor
GetCursorPos
WindowFromPoint
GetWindowRect
GetDesktopWindow
InvalidateRect
UpdateWindow
SetWindowsHookExA
InflateRect
GetAsyncKeyState
GetCursor
SendMessageA
CallNextHookEx
UnhookWindowsHookEx

gdi32

CreateDCA
Rectangle
CreatePen

Exports

Exports

InitHookDll
InstallHook
InstallMouseHook
SetKey
UnInstallHook

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf5b6a7ab041912d32979fd9368b4b4d

Headers

File Characteristics

Imports

mfc71

msvcr71

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 4KB

SHARDATA Size: 512B - Virtual size: 48B

.rsrc Size: 1024B - Virtual size: 832B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 4KB

SHARDATA
Size: 512B - Virtual size: 48B

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 1KB - Virtual size: 1KB