268e04e3fefa0e8b81342f0c879eff60_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

268e04e3fefa0e8b81342f0c879eff60_NeikiAnalytics.exe
Size

314KB
MD5

268e04e3fefa0e8b81342f0c879eff60
SHA1

edfaeca8571af6e3f5f5fcb113229e712f16ccc4
SHA256

afb69701b27fe0e536e9411b5432d86a7aa3e0dfd86abbd4ca1628400346ce3c
SHA512

c8aaf628f9bd67aa2ec269ae0bbc2951ff1163677fd8e118d0dfbf1bd6d6a83d990d9100b03f87f24df85fac8ed84282128c2fd9b3b51353fd390f2a21b3bd2d
SSDEEP

6144:wQTMgJH+QHGVfr961mWDKZC26m7IIe7y7p3UT5g:wQ0QHKT96AWDywy7VCg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
268e04e3fefa0e8b81342f0c879eff60_NeikiAnalytics.exe

Files

268e04e3fefa0e8b81342f0c879eff60_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

53dda1c4d1b621f9c38e591165c33835

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cblrtss

ord1302
ord1467
_mFgF816
ord1475
ord1156
ord1175
ord1277
ord1464
ord1370
ord1310
_mFgF808
_mFfindp
_mFgCE
ord1468
_mFgtypecheck
_mFgprogchain
_mFerr2
_mFiD7A7
_mFiD78F
_mFiD7B3
_mFiD7B0
ord1016
_mFiD782
_mFiD7E5
CBL_HIDE_MOUSE
CBL_SHOW_MOUSE
_mFiD789
_mFiD7B7
CBL_CLASSIFY_DBCS_CHAR
_mFiD7D9
_mFiD7F6
_mFiD7BA
_mFiD791
_mFiD7A1
_mFiD7CC
_mFiD7B9
_mFiD7B5
ord1006
_mFiD7AA
_mFiD7CB
_mFgF803
_mFiD7E6
_mFiD7E4
CBL_READ_SCR_CHATTRS
CBL_ALLOC_MEM
CBL_FREE_MEM
_mFgF813
_mFgF811
_mFiD78D
_mFiD7E3
CBL_INIT_MOUSE
CBL_GET_MOUSE_POSITION
CBL_TERM_MOUSE
CBL_SET_MOUSE_MASK
CBL_GET_MOUSE_MASK
CBL_SET_MOUSE_POSITION
_COYIELD
PC_READ_KBD_SCAN
_mFiD7B4
CBL_READ_MOUSE_EVENT
CBL_CREATE_DIR
_mFiD783
CBL_GET_MOUSE_STATUS
_mFgprogunlock
mF_eloc
CBL_EXIT_PROC
CBL_GET_OS_INFO
_mFgF805
ord1155
ord1250
CBL_CANCEL
CBL_FILENAME_CONVERT
CBL_SPLIT_FILENAME
CBL_JOIN_FILENAME
CBL_CHECK_FILE_EXIST
_mFgproglock
CBL_OPEN_FILE
CBL_CREATE_FILE
CBL_DELETE_FILE
CBL_RENAME_FILE
CBL_COPY_FILE
CBL_CLOSE_FILE
CBL_LCKFILE
CBL_UNLFILE
CBL_UNLOCK
CBL_FLUSH_FILE
CBL_SET_SEMAPHORE
CBL_FREE_SEMAPHORE
CBL_TEST_LOCK
CBL_GET_LOCK
CBL_FREE_LOCK
CBL_READ_FILE
CBL_WRITE_FILE
CBL_OPEN_VFILE
CBL_CLOSE_VFILE
CBL_READ_VFILE
CBL_WRITE_VFILE
CBL_FN_UPPER0CASE
ord1701
ord1210
ord1240
ord1264
ord1186
CBL_CMPNLS
ord1461
ord1294
_mFgF800
_mFgF801
CBL_NLS_GET_MSG
ord1574
ord1573
ord1267
ord1579
ord1578
CBL_LOCATE_FILE
_mFginitdat_dll
ord969
ord733
ord968
_mFgmain2
_mFgWinMain2
CBL_CHANGE_DIR
ord1463
ord1145
ord1266
ord1115
ord1125
_mFgF802
ord1015
ord1333
CBL_FILE_ERROR
EXTFH
_mFgAE
_mFgprogcheckexit
_mFgFB
CBL_TOUPPER
_mFgFC
_mFgF809
_mFiD781
_mFgprogunchain

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit

kernel32

GetCommandLineA
GetModuleHandleA

Exports

Exports

_mFdllinfo

Sections

.text
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53dda1c4d1b621f9c38e591165c33835

Headers

File Characteristics

Imports

cblrtss

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 303KB - Virtual size: 303KB

.rdata Size: 512B - Virtual size: 90B

.data Size: 5KB - Virtual size: 80KB

.idata Size: 3KB - Virtual size: 3KB

.text
Size: 303KB - Virtual size: 303KB

.rdata
Size: 512B - Virtual size: 90B

.data
Size: 5KB - Virtual size: 80KB

.idata
Size: 3KB - Virtual size: 3KB