3bb842aee6a676147d5f4a3dc64ed090_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3bb842aee6a676147d5f4a3dc64ed090_NeikiAnalytics.exe
Size

211KB
MD5

3bb842aee6a676147d5f4a3dc64ed090
SHA1

4eb1067f0cfafe4298eea58ed3f4c7dd957a895c
SHA256

ad33f1f4102cf171d59affce2c507ca658065087be7689efe38403fa6732c8ea
SHA512

83f7c6f2dc235edc81fcbc9f8b56dbb3eaa340317510fb2be1c23130a143aecedbc136dab90c5572f6b0d4219f5382366d077b9e33e552245f2a42127ae7e12f
SSDEEP

6144:ImKVGe1XIpQiU/ma3MB8hH2Tkp6bYnWcZVol0N5TzQ3:C71YpQiU/RcO1VQInVob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb842aee6a676147d5f4a3dc64ed090_NeikiAnalytics.exe

Files

3bb842aee6a676147d5f4a3dc64ed090_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

088303a3216315a2ba8d66c94c7b80a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
SetComputerNameA
GlobalFindAtomW
Beep
IsBadReadPtr
BeginUpdateResourceW
WaitForSingleObject
lstrcpyA
GetLogicalDrives
GetProcAddress
SetCurrentDirectoryW
FindResourceW
FileTimeToLocalFileTime
GetFileTime
GetThreadLocale
MulDiv
EnumTimeFormatsW
ExpandEnvironmentStringsA
CreateNamedPipeA
GetVolumeInformationA
GetSystemTime
GetLastError
GetProcessHeap
GetWindowsDirectoryW
GetStartupInfoW
GetSystemInfo
ExitProcess
GetTempFileNameA
GetVolumeInformationW
CreateSemaphoreA
SetCalendarInfoW
lstrcmpA
lstrcmpiA
CreateFileA
GetUserDefaultLangID
GlobalAlloc
GetModuleHandleA
GetDateFormatW
SleepEx

user32

wvsprintfW
GetDesktopWindow
CopyImage
GetMenuInfo
LoadMenuW
SetWindowRgn
MessageBoxIndirectW
PostMessageA
GetActiveWindow
GetWindowRect
SetWindowPos
MonitorFromPoint
CreateDialogParamA
SetDlgItemInt
WinHelpA
GetSystemMetrics
GetDC
SetWindowLongA
GetSysColorBrush
InsertMenuA
DrawTextA
EnumDesktopWindows
InsertMenuItemW
GetWindowRgn
LoadMenuA
OpenClipboard
IsChild
EnableMenuItem
LoadMenuIndirectW
ShowCaret
SetCursorPos
MessageBeep
EnumWindows
GetClientRect
CreateDialogParamW
InsertMenuW

gdi32

CreateFontIndirectA
ResizePalette
PolyBezier
SaveDC
ScaleWindowExtEx
CloseEnhMetaFile
SetBoundsRect
SetViewportExtEx

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegRestoreKeyW

comdlg32

GetOpenFileNameW
ChooseFontA
GetFileTitleW
PrintDlgExW
PrintDlgW

setupapi

SetupDiSetDeviceInstallParamsA
SetupGetLineTextA
SetupQueueCopyW
SetupDiEnumDeviceInfo
pSetupVerifyCatalogFile
CM_Get_Device_Interface_List_SizeA

version

VerInstallFileA
VerLanguageNameW
VerFindFileA

urlmon

RegisterMediaTypes
GetClassURL

winmm

waveOutGetPlaybackRate
timeKillEvent

winspool.drv

GetFormA

inetcomm

HrAttachDataFromFile
MimeGetAddressFormatW
MimeOleGetCodePageInfo
MimeOleStripHeaders
HrGetLastOpenFileDirectoryW
MimeOleCreateSecurity

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lm
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qaQL
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yP
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bPUeWG
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PaB
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dOh
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HvNW
Size: 1024B - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pPJb
Size: 512B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bBut
Size: 512B - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

088303a3216315a2ba8d66c94c7b80a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

setupapi

version

urlmon

winmm

winspool.drv

inetcomm

Sections

.text Size: 11KB - Virtual size: 11KB

.lm Size: 1024B - Virtual size: 35KB

.qaQL Size: 2KB - Virtual size: 5KB

.yP Size: 3KB - Virtual size: 40KB

.bPUeWG Size: 2KB - Virtual size: 20KB

.PaB Size: 1024B - Virtual size: 5KB

.data Size: 14KB - Virtual size: 14KB

.dOh Size: 1KB - Virtual size: 6KB

.HvNW Size: 1024B - Virtual size: 43KB

.pPJb Size: 512B - Virtual size: 30KB

.bBut Size: 512B - Virtual size: 207KB

.rsrc Size: 170KB - Virtual size: 169KB

.reloc Size: 1024B - Virtual size: 954B

.text
Size: 11KB - Virtual size: 11KB

.lm
Size: 1024B - Virtual size: 35KB

.qaQL
Size: 2KB - Virtual size: 5KB

.yP
Size: 3KB - Virtual size: 40KB

.bPUeWG
Size: 2KB - Virtual size: 20KB

.PaB
Size: 1024B - Virtual size: 5KB

.data
Size: 14KB - Virtual size: 14KB

.dOh
Size: 1KB - Virtual size: 6KB

.HvNW
Size: 1024B - Virtual size: 43KB

.pPJb
Size: 512B - Virtual size: 30KB

.bBut
Size: 512B - Virtual size: 207KB

.rsrc
Size: 170KB - Virtual size: 169KB

.reloc
Size: 1024B - Virtual size: 954B