351534e706565cfee03ee2e5b25cefd0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

351534e706565cfee03ee2e5b25cefd0_NeikiAnalytics.exe
Size

232KB
MD5

351534e706565cfee03ee2e5b25cefd0
SHA1

bc62e6c517ad15cee9ebc01fc7009d77c756cfda
SHA256

86ed55b516134dd2e27386b8fb62dc17058874d08f320673c5e3127489c56056
SHA512

8ea75e6d3e4cc54eac672793c200269f4e4b0efa088bf79f7d418882812d38e357118fb3f7c1f74cc321e41b6094102506d09a403dfab3c982afb28ad08a878d
SSDEEP

3072:xztH6oyziBUGGmVEKVakg24t4hpS4bm8PJAe/Ieuk72rFM:xaz1f6DbmoJ5gei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
351534e706565cfee03ee2e5b25cefd0_NeikiAnalytics.exe

Files

351534e706565cfee03ee2e5b25cefd0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

6f575449edb365fecb3088b51e1ceb19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
LocalAlloc
LocalFree
FindResourceA
LockResource
LoadResource
CreateMutexA
GetLastError
lstrcmpA
lstrlenA
LoadLibraryA
CloseHandle
FreeLibrary
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalMemoryStatus
GetPrivateProfileStringA
WinExec
GetModuleFileNameA
GlobalAlloc
GlobalFree
lstrcpyA
FindFirstFileA
FindClose
CreateFileA
CreateProcessA
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
LCMapStringW
LCMapStringA
GetStringTypeA
GetStringTypeW
GetProcAddress
MultiByteToWideChar
GetCommandLineA
HeapAlloc
GetOEMCP
VirtualAlloc
GetCPInfo
WriteFile
GetACP
HeapFree
VirtualFree
RtlUnwind
HeapDestroy
GetVersionExA
HeapCreate
GetFileType
GetStdHandle
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
ExitProcess
GetVersion
HeapReAlloc
GetCurrentProcess
UnhandledExceptionFilter
TerminateProcess

user32

TranslateMessage
DispatchMessageA
PostQuitMessage
GetMessageA
DefWindowProcA
LoadCursorA
KillTimer
RegisterClassA
CreateWindowExA
LoadIconA
SetTimer
IsZoomed
GetSystemMetrics
ShowWindow
FindWindowA
SetForegroundWindow
GetWindowTextA
MessageBoxA
LoadStringA
CharUpperA
GetWindowLongA
wsprintfA
SetRect
SetCursor
DialogBoxParamA
WaitForInputIdle
EndPaint
EndDialog
BeginPaint

gdi32

DeleteObject
SetBkMode
SetTextAlign
SetTextColor
SelectObject
CreateFontA
GetDeviceCaps
DeleteDC
BitBlt
SetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
CreatePalette
GetStockObject
ExtTextOutA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f575449edb365fecb3088b51e1ceb19

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 188KB - Virtual size: 184KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 188KB - Virtual size: 184KB