5004f2d01e6d11dd38337c9335b5de80_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5004f2d01e6d11dd38337c9335b5de80_NeikiAnalytics.exe
Size

576KB
MD5

5004f2d01e6d11dd38337c9335b5de80
SHA1

02273a80bd8d676d59c112f5b6f56ed286784b51
SHA256

07dd7c112d3c367b1545e9e8ad1b8048be9661785e0d5848415085d332c01f76
SHA512

f118ce9dc7438736c02620c328f9133608a9d76db7fed6b22399a15871310c695590b335e8fb32a19f42235a229d5b1a6f971ffdb3a1361227f679051ab0d989
SSDEEP

6144:IA1SNgKvg0TL3fDyjTGgWwTB2eMGRG1P/xKI:bSg90H7PgZ2eMCGvKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5004f2d01e6d11dd38337c9335b5de80_NeikiAnalytics.exe

Files

5004f2d01e6d11dd38337c9335b5de80_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

baf0d4b52c62213d3e0639055ec20298

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord6375
ord5280
ord3706
ord3571
ord3663
ord3626
ord2414
ord537
ord2859
ord1641
ord1146
ord800
ord540
ord823
ord640
ord5873
ord5785
ord1640
ord323
ord394
ord696
ord400
ord702
ord4191
ord915
ord5634
ord802
ord3435
ord5628
ord3441
ord4185
ord909
ord542
ord1200
ord5601
ord6569
ord2818
ord939
ord924
ord860
ord6467
ord4673
ord2864
ord2379
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord2621
ord5943
ord1134
ord818
ord4376
ord4853
ord6055
ord1776
ord5290
ord3402
ord1168
ord567
ord2135
ord2301
ord2302
ord6215
ord3092
ord4299
ord6199
ord4160
ord4274
ord4234
ord755
ord4133
ord4297
ord5788
ord6880
ord470
ord2688
ord535
ord6334
ord4123
ord668
ord2642
ord2770
ord356
ord324
ord4710
ord3619
ord6172
ord5875
ord5789
ord2567
ord2754
ord6197
ord6453
ord2645
ord5450
ord6394
ord5440
ord6383
ord2575
ord4396
ord3574
ord609
ord4275
ord2116
ord3721
ord795
ord1176
ord3797
ord816
ord562
ord5787
ord283
ord2784
ord5710
ord6283
ord858
ord4129
ord2764
ord3874
ord3643
ord1233
ord5278
ord3495
ord3813
ord1567
ord5949
ord1265
ord1271
ord5265
ord268
ord5981
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord6194
ord5769
ord6282
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord641
ord825
ord4627
ord3597
ord4425
ord3825
ord4080
ord3079
ord1949
ord3831
ord4034
ord2863
ord3693
ord2086
ord1576
ord1243
ord269
ord600
ord1578
ord826

msvcrt

__p__fmode
__set_app_type
_setmbcp
_controlfp
strncpy
_purecall
strlen
__CxxFrameHandler
strcat
_ftol
strchr
memset
fclose
fgets
fopen
strcpy
isspace
strstr
strcmp
atoi
strtok
isdigit
memcpy
_fcvt
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_strlwr

kernel32

FreeLibrary
MulDiv
lstrcpyA
lstrlenA
GetCurrentThreadId
lstrcmpA
GetProcAddress
lstrcmpiA
LocalFree
GetModuleHandleA
GetStartupInfoA
LocalAlloc
LoadLibraryA

user32

IsIconic
GetKeyboardState
DrawCaption
SystemParametersInfoA
DrawIcon
LoadCursorA
IsChild
AppendMenuA
GetWindowLongA
IsWindowVisible
BeginDeferWindowPos
IsWindow
GetFocus
SetCursor
SetCursorPos
LoadIconA
IsWindowEnabled
TabbedTextOutA
GrayStringA
GetSysColor
SetRect
DefWindowProcA
GetTopWindow
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
GetSystemMenu
ShowWindow
CopyRect
GetScrollPos
KillTimer
GetNextDlgGroupItem
SetWindowPos
ShowScrollBar
CreateWindowExA
SetTimer
ScreenToClient
GetWindow
LoadBitmapA
SetWindowRgn
SetWindowLongA
GetWindowDC
GetClassNameA
GetWindowRect
GetDC
GetSystemMetrics
WindowFromDC
ReleaseDC
InvalidateRect
OffsetRect
GetWindowTextA
InflateRect
DrawTextA
GetCursorPos
WindowFromPoint
BeginPaint
GetClientRect
EndPaint
RedrawWindow
CallWindowProcA
ReleaseCapture
PtInRect
GetDlgCtrlID
SetFocus
SetCapture
EnableWindow
ClientToScreen
GetParent
SendMessageA
PostMessageA
EndDeferWindowPos
DeferWindowPos

gdi32

GetObjectA
DeleteObject
SelectObject
CreateFontIndirectA
SetBkMode
SetTextColor
GetTextExtentPoint32A
MoveToEx
LineTo
CreatePen
CreateSolidBrush
SetBkColor
DeleteDC
BitBlt
CreateCompatibleDC
CreateRoundRectRgn
Arc
CreateBitmap
ExtTextOutA
GetDeviceCaps
GetStockObject
CombineRgn
CreateRectRgnIndirect
RectInRegion
CreateCompatibleBitmap
PatBlt
DPtoLP
GetMapMode
CreateRectRgn
PtVisible
RectVisible
TextOutA
Escape

shell32

ShellExecuteA

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baf0d4b52c62213d3e0639055ec20298

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

shell32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 480KB - Virtual size: 479KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 480KB - Virtual size: 479KB