16eb75c90e078940fdf2fe6fc1d68e40_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

16eb75c90e078940fdf2fe6fc1d68e40_NeikiAnalytics.exe
Size

369KB
MD5

16eb75c90e078940fdf2fe6fc1d68e40
SHA1

7f7dd1af419ce6d7581a80fd03cc949a0ff4541d
SHA256

27fb699320e9b28f712e341f4f8eb80b7bda283dbb10fbd62c0f0959644f9f69
SHA512

ea0fb715fd832654609879679f87b7afe4db9d8aa965947ea75b2511207f58e68e82462c83b2755ea0a3385b1da6231f33932847b16b4271e90f8bfed426d43a
SSDEEP

6144:/YhV0RMPBBmhZTqRLZQrn+PeRj7smi9M4zAt7kk8leK:AhVJJByZmRVQrm0j7s1u7+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16eb75c90e078940fdf2fe6fc1d68e40_NeikiAnalytics.exe

Files

16eb75c90e078940fdf2fe6fc1d68e40_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

cd1881aab018a43d347aa9070ddc1e18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SetEvent
ExitThread
GetModuleHandleW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
DeleteFileW
MoveFileW
Sleep
GetModuleFileNameW
MoveFileExW
GetCommandLineW
CreateProcessW
ExpandEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesW
HeapAlloc
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
LocalFree
ResetEvent
CreateFileA
GetProcessHeap
SetEndOfFile
WriteConsoleW
CloseHandle
WriteConsoleA
FlushFileBuffers
SetStdHandle
ReadFile
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleHandleA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
CreateEventW
InitializeCriticalSection
SetUnhandledExceptionFilter
SetErrorMode
GetTickCount
WaitForSingleObject
WriteFile
GetLastError
GetSystemTimeAsFileTime
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
HeapReAlloc
VirtualAlloc
VirtualFree
GetCurrentProcess
HeapCreate
HeapSize
GetFileTime
CreateFileW
GetVolumeInformationW
GetVersionExW
GetVolumePathNameW
GetSystemDirectoryW
InterlockedDecrement
LoadLibraryW
GetConsoleOutputCP
GetProcAddress
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
RaiseException
TerminateProcess
DeleteCriticalSection
InterlockedExchange
InterlockedCompareExchange
InterlockedIncrement
GetStartupInfoW

user32

LoadCursorW
KillTimer
SetRect
DestroyWindow
DefWindowProcW
MessageBoxW
BeginPaint
DrawIconEx
PostMessageW
IsDialogMessageW
EndPaint
RedrawWindow
GetSystemMetrics
LoadIconW
LoadImageW
SetFocus
GetSysColor
SendMessageW
SetTimer
EnableWindow
FlashWindow
AttachThreadInput
SetWindowPos
PostQuitMessage
SetWindowLongW
SetWindowTextW
DispatchMessageW
TranslateMessage
SetCursor
GetMessageW
SetParent
ShowWindow
CreateWindowExW
AdjustWindowRectEx
RegisterClassExW
GetSysColorBrush

gdi32

GetStockObject
GetObjectW
SelectObject
CreateBitmap
CreateCompatibleDC
BitBlt
SetDIBitsToDevice
CreateFontIndirectW

gdiplus

GdipDeleteBrush
GdipCreateSolidFill
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectI
GdipLoadImageFromStream
GdipGetImageWidth
GdipGetImageHeight
GdiplusStartup
GdiplusShutdown

shlwapi

StrCpyW

comctl32

InitCommonControlsEx

comdlg32

GetSaveFileNameW

advapi32

RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptGetHashParam
RegEnumKeyExW

ole32

OleSetContainedObject
OleCreate
OleLockRunning
CoInitializeEx
CreateStreamOnHGlobal
GetHGlobalFromStream
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket

oleaut32

VariantClear
SysFreeString
SysAllocString

Sections

.text
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd1881aab018a43d347aa9070ddc1e18

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

shlwapi

comctl32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 247KB - Virtual size: 246KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 33KB - Virtual size: 41KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 247KB - Virtual size: 246KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 33KB - Virtual size: 41KB

.rsrc
Size: 16KB - Virtual size: 15KB