68b7f1c64d97acf2df34d375ef10d5b0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

68b7f1c64d97acf2df34d375ef10d5b0_NeikiAnalytics.exe
Size

63KB
MD5

68b7f1c64d97acf2df34d375ef10d5b0
SHA1

9dd1b754b5609f50f95655c62c512980651933bf
SHA256

4162a888be2f022fe8e44c851e4547bd497705727ba0c461ac6702bac09e94b5
SHA512

7d1303870630834088a7e58541864548dd7f1969147937c78aea53145c33f60568935164efa5e9d754a6f368c8e3242a8bb72ea22423d20558d5eeeca6f3839e
SSDEEP

1536:vNnaNhtEcYECBWh2xMxStiWo4oAqHaCos7W:BaNEcYEh5xSIWo0qHdos7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68b7f1c64d97acf2df34d375ef10d5b0_NeikiAnalytics.exe

Files

68b7f1c64d97acf2df34d375ef10d5b0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

adf23c6d07b8934863fcfadf680025f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetConnectW
HttpOpenRequestW
InternetSetOptionW
InternetSetPerSiteCookieDecisionW
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenUrlW
InternetAttemptConnect
InternetClearAllPerSiteCookieDecisions
InternetReadFile
HttpSendRequestW
InternetOpenW

shlwapi

StrStrIA
PathCombineW
PathMatchSpecW
wvnsprintfW
PathRemoveFileSpecW
StrStrIW

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
GetTimeZoneInformation
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
HeapCreate
CopyFileW
CreateThread
OpenEventW
FindClose
GetTickCount
VirtualProtect
CreateProcessW
SetUnhandledExceptionFilter
ExitProcess
CloseHandle
DeleteFileW
LoadLibraryW
GetLastError
ExpandEnvironmentStringsW
GetProcAddress
CreateDirectoryW
Sleep
FindFirstFileW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentDirectoryW
ResumeThread
VirtualAlloc
HeapReAlloc
GetFileSize
WriteFile
GetLocalTime
SetFilePointer
SetEndOfFile
GetVersionExW
HeapAlloc
CreateWaitableTimerW
SetWaitableTimer
FindNextFileW
SystemTimeToFileTime
GetFileTime
HeapFree
ReadFile
GetModuleFileNameW
WaitForSingleObject
VirtualQuery
CreateFileW
GetFileSizeEx
VirtualFree
GetProcessHeap
GetSystemTime
GetModuleHandleW
GetCommandLineW
CreateEventW
WaitForMultipleObjects
SetEvent

user32

SetWindowPos
SetWindowLongW
PeekMessageW
GetWindowLongW
DispatchMessageW
GetForegroundWindow
SetForegroundWindow
CreateWindowExW
GetSystemMetrics
MessageBoxW
FindWindowW
SetParent
CharLowerW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoCreateInstance
OleInitialize
CoInitialize

oleaut32

SysFreeString
VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

adf23c6d07b8934863fcfadf680025f3

Headers

File Characteristics

Imports

wininet

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 97KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 97KB