6394c714861ee3167ae3ad7e7fb037a0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6394c714861ee3167ae3ad7e7fb037a0_NeikiAnalytics.exe
Size

124KB
MD5

6394c714861ee3167ae3ad7e7fb037a0
SHA1

afecaf1fc5cdea8752a67a2b48da21168fdf6516
SHA256

056b9f6d2efccb362ceb55cac67f0c0b98bc3ea064fa635ed6a1310316897978
SHA512

ee5c9411c09bfc02ff68a8cb021dc8e4b42e67f772589c2eb898f3901c613ceba58301ca18c6d17a49c88b9b2c33c9b0395e073d24d01349c73211e11c6376fb
SSDEEP

1536:xF68SWd9l6GBF0JAVhYs8StLc1mZHbwIp8ZGKvnYUzYQ5N6w3MsOE/VsxbE3ZoDi:xFpXl6+DSsztsN0tmobGombOOh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6394c714861ee3167ae3ad7e7fb037a0_NeikiAnalytics.exe

Files

6394c714861ee3167ae3ad7e7fb037a0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

c714111b7ba19ad3129f67110c41f2c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

DBDatabase
FreeLocalData
RADDR
pvTerminateProgram
AllocLocalData
DefineOutputDev
DITTA
SetString
Close
FormatDouble
fd1
DBClose
BCGetFileSize
szTmpBuf
BCRound
ZDBSORGENTE
GetPartOfString
ZDB_VALRECORD
PHB
ZVER_CONFIG
DBFILEINFO
SetExEuro
DBXAccess
BcxExit
WriteDB5
DelDB4
UpdateDB5
WS
FormatNumBlk
ZNOKEY
SetCondition
GetDB5
ZENDFIL
CallDllFunction2
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
pszCurrentModule
ANNOEXT
FormatNumber
BcMain2
StrAdd
PHD
ComposeFileName
FindDB5
SkipRightBlk
GR
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
DBXISAMExvInterpreter

bc32ui

GetStyle
DeleteWindow
ExitTerminateProgram
WgsInitData
RCCHAN
DBRemoveVars
EntryTerminateProgram
ExitInitProgramData
RRA
RIF
KYM
RI
cColsRI
cRowsRI
EntryInitProgramData
CANVID
SetLabelEnable
SetEditConditions3
SetFuncKeyEnable
DBDefineStructs
DBCreateVars2
ABCPRB
DefineButton6
ZINIDEC
pszDecodMessage
SetButtonCoupon2
SYSDATEXT
BlobAdd
FreeBlob
DefineGroupBox3
DefineTVDouble
DefineComboOptions
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
EntrySub2
LoadControlStruct
DefineEdit11
DefineButtonIvt
DefinePos4
ExitSub
InsertRowGrid9
TraceDebug2
pszID
DefineWindow10
DefineFormat
DefineLabel3
DefineAdvGrid11
DefineTVString
InsertColGrid9
DefineCellGrid15
DefineAdvGridEnd
DefFuncKey3
RRI
ZDECOD
RCI
RunWindow5
ABC
ZVIDCOMPVIS
WgsRestoreInputData
ZGRIGA
GettingRowGrid
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
szProgramName

kernel32

TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
RaiseException
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
LCMapStringA
LCMapStringW
ExitProcess

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c714111b7ba19ad3129f67110c41f2c1

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 924B

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 924B