3df238505d6a38fa0e34082ee2b12f40_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3df238505d6a38fa0e34082ee2b12f40_NeikiAnalytics.exe
Size

1.8MB
MD5

3df238505d6a38fa0e34082ee2b12f40
SHA1

789fe1526f09ac7a1d8a77f063cb1eea7bb69d35
SHA256

d93f8aa3e85b97131e45147f32755c5c587248c7b5e85f871d3f158ab8458858
SHA512

240680ffadc003f47ea5eea4fc5292c74c5a7caf840d4be73002bf397226ee89cbca45f3932ed73c8b4d365b1a7f5b5c4fd70dd03a458cf2c5358225cc7678c6
SSDEEP

24576:YLOXjkFi2mT3aA870ieoxl4bvpoEb0nLN6SFbzkINsbJ4Rua/A6zaaZK:1QFrmT3M/axoEb0nLN6SpAc6OJTlo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3df238505d6a38fa0e34082ee2b12f40_NeikiAnalytics.exe

Files

3df238505d6a38fa0e34082ee2b12f40_NeikiAnalytics.exe
.exe windows:1 windows x86 arch:x86

4bc7442055c5e58516affdb08150e0e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

gdi32

CreateFontIndirectA
GetStockObject
GetObjectA
ExtCreatePen
SetBkColor
SetTextColor
DeleteEnhMetaFile
GetEnhMetaFileHeader
GetTextExtentPoint32A
SelectObject
SetROP2
MoveToEx
LineTo
SetPixel
SetBkMode
TextOutA
PlayEnhMetaFile
GetEnhMetaFileA
StartDocA
StartPage
GetDeviceCaps
EndPage
EndDoc
DeleteObject
GetTextMetricsA
CreateSolidBrush

kernel32

GlobalLock
GlobalUnlock
Beep
CompareStringA
GetLocalTime
ReadFile
GetCurrentThreadId
GetCommState
BuildCommDCBA
SetCommState
WriteFile
CreateFileA
CloseHandle
MulDiv
LoadLibraryA
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapReAlloc
GlobalAlloc
HeapFree
GlobalFree
GlobalSize
GlobalMemoryStatus
DeleteFileA
SearchPathA
GetCurrentDirectoryA
Sleep
CreateThread
TerminateThread
FindResourceA
LoadResource
LockResource
FindFirstFileA
FindNextFileA
FindClose
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetStdHandle
GetEnvironmentStrings
FreeEnvironmentStringsA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetFileType
GetLastError
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetFilePointer

odbc32

ord16
ord11
ord72
ord43
ord2
ord1
ord7
ord3
ord31
ord9
ord13
ord10

user32

LoadMenuA
GetSysColor
LoadCursorA
GetSubMenu
GetMenuStringA
FindWindowA
PostQuitMessage
GetSysColorBrush
SendMessageA
GetAsyncKeyState
SetWindowPos
GetMenu
EnableMenuItem
CheckMenuItem
GetMenuItemID
ModifyMenuA
DrawMenuBar
IntersectRect
SetCursor
GetCursorPos
GetWindowRect
PtInRect
SetRect
ValidateRect
GetDlgItem
DestroyWindow
EnableWindow
GetWindow
ScreenToClient
MoveWindow
IsWindowVisible
GetMenuItemCount
DeleteMenu
GetWindowTextA
InsertMenuItemA
CreateWindowExA
SetWindowLongA
GetDC
GetSystemMetrics
ShowWindow
GetDesktopWindow
SystemParametersInfoA
CreatePopupMenu
AppendMenuA
OpenIcon
SetForegroundWindow
GetForegroundWindow
LoadAcceleratorsA
GetWindowLongA
BeginPaint
EndPaint
SetFocus
GetClientRect
FillRect
DefWindowProcA
LoadIconA
RegisterClassA
ScrollWindow
InvalidateRect
HideCaret
ShowCaret
RedrawWindow
DrawTextA
FrameRect
InvertRect
OffsetRect
SetWindowTextA
SetCapture
ReleaseCapture
UpdateWindow
SetDlgItemTextA
GetDlgItemTextA
GetMessageA
DispatchMessageA
IsDialogMessageA
SetScrollInfo
GetScrollInfo
PeekMessageA
TranslateAcceleratorA
GetKeyboardState
ToAscii
GetDlgCtrlID
CreateDialogParamA
CharUpperA
PostMessageA
GetMenuState
DrawIconEx
ClientToScreen
TrackPopupMenuEx
SetTimer
DestroyMenu
GetSystemMenu
UnionRect
SendDlgItemMessageA
SetMenu
MessageBoxA

ws2_32

accept
WSAAsyncSelect
recv
send
WSAStartup
socket
htons
htonl
bind
listen

comdlg32

PrintDlgA
PageSetupDlgA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.exc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bc7442055c5e58516affdb08150e0e7

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

odbc32

user32

ws2_32

comdlg32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.bss Size: - Virtual size: 25KB

.exc Size: 512B - Virtual size: 140B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 114KB - Virtual size: 114KB

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 512B

.reloc Size: 55KB - Virtual size: 55KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.bss
Size: - Virtual size: 25KB

.exc
Size: 512B - Virtual size: 140B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 114KB - Virtual size: 114KB

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 512B

.reloc
Size: 55KB - Virtual size: 55KB