fd03898e4cbabef881f645ae9e0bb990_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

fd03898e4cbabef881f645ae9e0bb990_NeikiAnalytics.exe
Size

200KB
MD5

fd03898e4cbabef881f645ae9e0bb990
SHA1

6b14e340d0db6873a8bf02d078c141555dcf3a59
SHA256

cd69b24a7d2f14b41d8385f1b030dc348b77c355fc422bd4aab3979ac65a04ef
SHA512

ef16c889d1cdb62004e77fee9b0920f958c16917a9aecb42d0e534d91fc18f9ec5134fe9e96a21a06cd8f0fe982e7b1dc7de4c2067ea637f76f4c47eeef118ec
SSDEEP

3072:hgwMjdl8g1TEQSxjW3vV+MolxaUMlvUQGlEOZCCOeX3nbIIhQpcM4:VFkmxaU2MQLGXb12pW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd03898e4cbabef881f645ae9e0bb990_NeikiAnalytics.exe

Files

fd03898e4cbabef881f645ae9e0bb990_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

592d0bcc2a99ccc5a9ce5f0a86d03cd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fpos40

_WriteConfigInt@12
_ltrim@4
_WriteToLogFile@8
_FP_isdigit@4
FormatError
HexAtoi
LoadSysSet
_GetFieldInteger@8
_GetFieldLong@8
FPDllInst
WriteActivityRec
_GetEntIFileInfo@16
_GetCurrBkOffUser@0
UpdateBackOfficeTimeout
_TodayToLong@0
_LongDateToStr@12
_NowToLong@0
_LongTimeToStr@12
LogMsg
_IsTermSrvSession@0
_GetTerminalNum@4
CleanupFPEnc
FPClosesocket
SockRead
feSockWrite
FPConnect
_IPAddrToStr@8
LanStatus
GetBootDateTime
_GetFposBase@8
_DateToLong@12
_LongToDate@16
GetTerminalSessionInfo
_IsEnterpriseVersion@0
FPDLLEnumTSessions
InitWS22
InitFPEnc
CalcUnits
_CenterWindow@4
_GetFposFile@16
_GetIFileInfo@16
_ReadConfigInt@12
_ReadConfigString@20
_GetCurrencyInfo@16
FposHelp
_SwitchToPrevInst@4
_rtrim@4
_FposDlgProc@16

rptviewr

_ViewReport@36

ctree32s

ord96
ord130
ord63
ord123
ord172
ord52
ord198
ord13

kernel32

LCMapStringW
LCMapStringA
MultiByteToWideChar
GetStringTypeA
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStringTypeW
CompareStringA
CompareStringW
HeapReAlloc
FreeLibrary
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcessId
SetEndOfFile
GetStdHandle
SetHandleCount
SetStdHandle
HeapAlloc
HeapFree
GetSystemTime
GetTimeZoneInformation
GetVersion
GetCommandLineA
GetStartupInfoA
GetFileType
TerminateProcess
CreateEventA
DeviceIoControl
GetOverlappedResult
Sleep
GetVolumeInformationA
GetFileInformationByHandle
GlobalReAlloc
SystemTimeToFileTime
SetFileTime
GetFileTime
FileTimeToSystemTime
SetFileAttributesA
GetCurrentDirectoryA
GetCurrentProcess
DeleteFileA
GetDiskFreeSpaceA
FlushFileBuffers
LocalFree
GetVersionExA
LoadLibraryA
GetProcAddress
SetEnvironmentVariableA
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalFree
GetCurrentThreadId
GetLogicalDrives
GetComputerNameA
GetLocalTime
CreateFileA
WriteFile
ReadFile
SetFilePointer
GetSystemDirectoryA
GetFileAttributesA
GetModuleHandleA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
WinExec
GetLastError
GetWindowsDirectoryA
GetModuleFileNameA
ExitProcess

user32

DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
CreateDialogParamA
RegisterClassExA
LoadCursorA
MessageBoxA
MessageBeep
LoadIconA
PostQuitMessage
DestroyWindow
ShowWindow
SendMessageA
AppendMenuA
GetSystemMenu
PostMessageA
PeekMessageA
InvalidateRect
KillTimer
GetDlgItem
SetTimer
DialogBoxParamA
wsprintfA
RegisterClassA
CreateWindowExA
EnumThreadWindows
WaitForInputIdle
UnregisterClassA
GetWindowTextA
DefWindowProcA
IsWindow
FindWindowA
SetFocus
GetSysColor
GetKeyState
SendDlgItemMessageA
EndDialog

gdi32

SetBkColor
CreateSolidBrush
DeleteObject
SetTextColor

advapi32

CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptDecrypt
RegSetValueA
RegEnumValueA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
FreeSid
AllocateAndInitializeSid
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
DeleteService
ControlService
QueryServiceStatus
StartServiceA
OpenServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
CryptDeriveKey

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

592d0bcc2a99ccc5a9ce5f0a86d03cd5

Headers

File Characteristics

Imports

fpos40

rptviewr

ctree32s

kernel32

user32

gdi32

advapi32

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 88KB

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 88KB

.rsrc
Size: 84KB - Virtual size: 81KB