a05d1ac5893d98621b4fe5d5a07a3230_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a05d1ac5893d98621b4fe5d5a07a3230_NeikiAnalytics.exe
Size

1.2MB
MD5

a05d1ac5893d98621b4fe5d5a07a3230
SHA1

f8d6111d656bd4c7e1f6f3332f37965060d4c5cf
SHA256

f3aba7cc044c9d9f6188f36fa8275311081e03244b46085ef6ffe80dbb593ba2
SHA512

e9124ed68b9b8dc69d9761463f989d09d16b9fd8c4857db54ea0e3f02b4db36a6dfbb2924b1654431a3dcacf9a48043dc59f34a06afbc57765b4032ebe4f9da5
SSDEEP

24576:YHiAQVD43pr1XCIwCt+IHfA4EKv5JGNyNrQhpedM:YCAQVOUbCfffE8CyZN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a05d1ac5893d98621b4fe5d5a07a3230_NeikiAnalytics.exe

Files

a05d1ac5893d98621b4fe5d5a07a3230_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

0cca7e41aab788ef1648e86dbb970849

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

calloc
fputc
strrchr
fwrite
??2@YAPAXI@Z
free
_CxxThrowException
_EH_prolog
_XcptFilter
exit
_exit
__getmainargs
_initterm
_acmdln
_adjust_fdiv
__p__commode
__setusermatherr
__set_app_type
_except_handler3
__p__fmode
_controlfp
??1type_info@@UAE@XZ
_access
sprintf
_splitpath
memmove
floor
time
realloc
_ftol
fread
_fdopen
fprintf
ftell
malloc
_CIasin
_strlwr
__CxxFrameHandler
??3@YAXPAX@Z
fclose
fopen
rand
strchr
strncmp
qsort
puts
strncpy
_stricmp
srand

kernel32

CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetCurrentDirectoryA
GetLastError
FindNextFileA
FindClose
FindFirstFileA
DeleteFileA
GlobalAlloc
SetCurrentDirectoryA
GetDriveTypeA
lstrlenA
lstrcpyA
WriteFile
ExitProcess
GetFileAttributesA
CreateFileA
GetFileSize
ReadFile
CloseHandle
Sleep
GlobalHandle
GetStartupInfoA
GetModuleHandleA
GetVersionExA
GlobalFree
FlushFileBuffers
GlobalLock
GetLogicalDrives
GetWindowsDirectoryA
GlobalUnlock
GlobalReAlloc

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

dsound

ord1

dinput

DirectInputCreateEx

winmm

mmioAdvance
timeGetTime
mciSendStringA
mmioAscend
mmioGetInfo
mmioRead
mmioSetInfo
mmioSeek
mmioOpenA
mmioSetBuffer
mmioClose
mmioDescend

user32

UpdateWindow
DrawMenuBar
UnregisterClassA
wvsprintfA
DrawTextA
RegisterWindowMessageA
RedrawWindow
PostQuitMessage
PeekMessageA
DefWindowProcA
FindWindowA
TranslateMessage
GetMessageA
ShowCursor
LoadIconA
DispatchMessageA
DestroyWindow
CreateWindowExA
LoadCursorA
RegisterClassA
ReleaseDC
SystemParametersInfoA
GetDC
SetWindowPos
GetWindowRect
GetSystemMetrics
ShowWindow
GetKeyNameTextA
GetClientRect
ClientToScreen
wsprintfA
MessageBoxA
SetFocus
GetAsyncKeyState

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

gdi32

GetDeviceCaps
SetTextColor
StretchBlt
SetBkMode
GetPaletteEntries
GetStockObject

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msacm32

acmFormatEnumA
acmDriverEnum
acmDriverClose
acmStreamPrepareHeader
acmStreamClose
acmMetrics
acmDriverOpen
acmStreamOpen
acmStreamConvert

binkw32

_BinkBufferOpen@16
_BinkNextFrame@4
_BinkBufferBlit@12
_BinkClose@4
_BinkDoFrame@4
_BinkDDSurfaceType@4
_BinkOpen@8
_BinkSetSoundTrack@4
_BinkSetSoundSystem@8
_BinkOpenDirectSound@4
_BinkWait@4
_BinkGetRects@8
_BinkBufferUnlock@4
_BinkCopyToBuffer@28
_BinkBufferLock@4
_BinkBufferSetOffset@12
_BinkBufferSetScale@12

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 80KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.chook
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0cca7e41aab788ef1648e86dbb970849

Headers

File Characteristics

Imports

msvcrt

kernel32

ddraw

dsound

dinput

winmm

user32

advapi32

gdi32

ole32

msacm32

binkw32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 80KB - Virtual size: 3.1MB

.rsrc Size: 8KB - Virtual size: 5KB

.chook Size: 2KB - Virtual size: 2KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 80KB - Virtual size: 3.1MB

.rsrc
Size: 8KB - Virtual size: 5KB

.chook
Size: 2KB - Virtual size: 2KB