7906ff6ae5f5b93de6cb8fbb8aa73510_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

7906ff6ae5f5b93de6cb8fbb8aa73510_NeikiAnalytics.exe
Size

216KB
MD5

7906ff6ae5f5b93de6cb8fbb8aa73510
SHA1

e542dfdffabb869990ff5a23735a8e635209af64
SHA256

0f8f25644228190a6a397808bd03226367068d4962a08e0533a4243df61c9e4e
SHA512

fa59e35b475af900ca6c363fc9bb649f3ab1c44b271ea5075de23ff07bcec09316c906078e9f0d62b4702d2a5bc239a0b1115fb69f6ea386252a3b0c12f554c6
SSDEEP

3072:TRq+AgxXk4iAfCeelBOAMCGhHgKDE+xH1E5XT:TRq+nXkMCeelGhAmxH1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7906ff6ae5f5b93de6cb8fbb8aa73510_NeikiAnalytics.exe

Files

7906ff6ae5f5b93de6cb8fbb8aa73510_NeikiAnalytics.exe
.dll regsvr32 windows:4 windows x86 arch:x86

6f172fe30b07339be01b839ba5ac9f1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pbvm90

ord5872
ord11040
ord10003
ord5198
ord5403
ord5042
ord5371
ord5037
ord5340
ord5373
ord5376
ord5439
ord5153
ord5528
ord5159
ord2862
ord5459
ord13013
ord5069
ord5066
ord5027
ord5028
ord5057
ord5126
ord5062
ord5032
ord5043
ord5056
ord12014
ord12011
ord12010
ord13014
ord13015
ord5405
ord5407
ord5514
ord5040
ord5039
ord5377
ord5162
ord5164
ord5143
ord5529
ord5063
ord5054
ord5053
ord5030
ord5151
ord13016

msvcrt

islower
_lseek
_getpid
_strlwr
_strupr
rename
_read
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
isupper
_purecall
_ismbbtrail
_ismbcdigit
isdigit
memmove
atol
_atoi64
_itoa
_mbsupr
_mbslwr
_mbscat
_mbsstr
__p__iob
_access
_chdir
_mbscpy
_i64toa
strchr
_mbschr
_mbsicmp
atoi
_mbscmp
_write
_unlink
ungetc
toupper
tolower
strtok
strstr
strrchr
strncpy
strncmp
strncat
strlen
_stricmp
strcpy
strcoll
strcmp
strcat
vsprintf
_setmode
setlocale
_close
ftell
qsort
_putenv
vprintf
_pipe
_open
memset
memcpy
_memicmp
_strnicmp
getenv
_getcwd
getc
fwrite
fflush
fseek
fread
vfprintf
fopen
fgets
fgetc
ferror
feof
fclose
exit
_errno
_creat

kernel32

GetModuleHandleA
GetCPInfo
IsDBCSLeadByte
lstrcmpA
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetProcAddress
GlobalAlloc
GlobalLock
GetTickCount
InterlockedDecrement
GlobalUnlock
GlobalFree
InterlockedIncrement
EnterCriticalSection

user32

TranslateMessage
GetMessageA
SetTimer
DispatchMessageA
KillTimer
EnableWindow
SetWindowTextA
GetWindowTextA
CheckRadioButton
GetWindowTextLengthA
EndDialog
SetFocus
GetParent
LoadCursorA
UpdateWindow
InvalidateRect
SendDlgItemMessageA
EnableMenuItem
InsertMenuA
ReleaseDC
GetActiveWindow
GetDC
SetDlgItemTextA
GetDlgItemTextA
SetCursor
MessageBoxA
SendMessageA
GetDlgItem
LoadStringA
wsprintfA

gdi32

GetTextExtentPointA

isqlt09a

ord160
ord180
ord142
ord60
ord58
ord196
ord135
ord78
ord122
ord46
ord30
ord74
ord118
ord68
ord38
ord278
ord64
ord284
ord208
ord301
ord280
ord44
ord66
ord16
ord14
ord12
ord281
ord279
ord34
ord22
ord28
ord96
ord189
ord20
ord40
ord254
ord406
ord163
ord162
ord183
ord253
ord252
ord167
ord154
ord799
ord789
ord813
ord625
ord771
ord811
ord797
ord787
ord817
ord795
ord793
ord188
ord283
ord613
ord88

Exports

Exports

DllRegisterServer
DllUnregisterServer
Inf_AsyncProc
Inf_DatabaseProc
Inf_SecurityBoxProc
Inf_UserBoxProc
Inf_UserSelectBoxProc
PB_DB_Rout
ProfileControlInfo
WEP

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f172fe30b07339be01b839ba5ac9f1e

Headers

File Characteristics

Imports

pbvm90

msvcrt

kernel32

user32

gdi32

isqlt09a

Exports

Exports

Sections

.text Size: 147KB - Virtual size: 147KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 37KB - Virtual size: 37KB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 147KB - Virtual size: 147KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 37KB - Virtual size: 37KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 11KB - Virtual size: 10KB