a7639f005bccfffc6bc16cc9d4f19da0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a7639f005bccfffc6bc16cc9d4f19da0_NeikiAnalytics.exe
Size

68KB
MD5

a7639f005bccfffc6bc16cc9d4f19da0
SHA1

127e9d6fc9c64382f4cda26e81aa8f2b70955549
SHA256

230a9cd372407f05814be500636065f0e84ceacc8b2409bc24c8ab23e97cb077
SHA512

4faa501599d03479b33e57cb1c5a2896393d0ecad20d94284731c88351519160f172f0a590135c38b1db5c77382f7a79bee10d5345a0958e0b108fc89529be25
SSDEEP

768:+9cR9Xwhk0RSnyI+h0uiDeXfqtOtNjbPbzYbtfFqomp:HKB4h4qtwyyom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7639f005bccfffc6bc16cc9d4f19da0_NeikiAnalytics.exe

Files

a7639f005bccfffc6bc16cc9d4f19da0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f2c0e2e0cb7de94058f0c9f6fc319b57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
GetFileAttributesA
GetPrivateProfileIntA
GetPrivateProfileStringA
CloseHandle
ReadFile
GetLastError
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
SetFilePointer
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
LoadLibraryA
WriteFile
VirtualAlloc
HeapReAlloc
GetProcAddress
LCMapStringA
SetStdHandle
GetStringTypeA
GetStringTypeW
FlushFileBuffers
LCMapStringW

user32

DispatchMessageA
UnregisterClassA
TranslateMessage
IsWindow
CreateWindowExA
ScreenToClient
MessageBoxA
RegisterClassA
GetMessageA
LoadIconA
LoadCursorA
ReleaseCapture
SetCapture
GetCapture
PtInRect
GetClientRect
DestroyWindow
GetWindowLongA
FillRect
SetWindowLongA
GetDC
InflateRect
ReleaseDC
GetParent
CopyRect
UpdateWindow
SetWindowTextA
LoadBitmapA
GetWindowRect
SetWindowPos
ShowWindow
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
InvalidateRect
PostMessageA
GetFocus
IsChild
GetCursorPos

gdi32

SetTextColor
SetBkMode
CreateFontIndirectA
BitBlt
RealizePalette
SetStretchBltMode
DeleteDC
SelectObject
CreateCompatibleDC
SelectPalette
ExtTextOutA
GetTextExtentPoint32A
CreatePatternBrush
DeleteObject

shell32

ShellExecuteA

wt_ui

?WTUI_DrawBlackFrame@@YAXPAUHDC__@@PAUtagRECT@@@Z
?WTUI_GetBitmapSize@@YAXPAUHBITMAP__@@PAH1@Z
?WTUI_CenterDialog@@YAXPAUHWND__@@@Z
?WTUI_GetCompatibleBitmap@@YAPAUHBITMAP__@@PAUHDC__@@0GGPAPAU1@@Z
?WTUI_DeleteBitmapAndHDC@@YAXPAPAUHDC__@@PAPAUHBITMAP__@@1@Z
?WTUI_WritePrivateProfileInt@@YAXPAD0H0@Z
?WTUI_Load256ColorBitmap@@YAPAUHBITMAP__@@PADPAPAUHPALETTE__@@@Z
?WTUI_ConstructFullFilename@@YAPADPAD00@Z
?WTUI_GetProductCodeID@@YAHXZ
?WTUI_GetConfigFilePath@@YAPADPAD@Z
?WTUI_GetLocalDirectory@@YAXPAUHINSTANCE__@@PAD@Z
?WTUI_DoesFileExist@@YAHPAD@Z

winmm

sndPlaySoundA

product

PRD_GetTitleAndVersion
PRD_GetProductType
PRD_GetBuildNumber

wt_license

?LICAPI_GetAllSerialNumbers@@YAHPADH@Z
?LICAPI_IsLimitedMode@@YAHXZ
?LICAPI_ActivityEnabled@@YAHPAUHINSTANCE__@@K@Z
?LICAPI_GetResellerCode@@YAHPAD@Z
?LICAPI_InitializeLicense@@YAGPAD0@Z

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2c0e2e0cb7de94058f0c9f6fc319b57

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

wt_ui

winmm

product

wt_license

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 96KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 96KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB