6cde6b34f1c64c70118416d79ddebd00_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6cde6b34f1c64c70118416d79ddebd00_NeikiAnalytics.exe
Size

1.1MB
MD5

6cde6b34f1c64c70118416d79ddebd00
SHA1

05fa596378dcf073ecb06d5c9041aafafa68c7ff
SHA256

0fdf478336844588d611d5c412ea0f126f162b0bc0618f215a9c97b3cf67fdcf
SHA512

085180268d39586abefccb7b59e000e4e8d1224812848a24f87b19ed461ce408da9231a042197dd20c0289fc364aac4b3423d9ab7e0662e4ef190596f32da787
SSDEEP

24576:gwyjcbxnxofN2w47maVe6FPiFrZddCN/j2GLl3iFSE33b9:gwSQxnxc27KFiPMoN/j2U4FH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cde6b34f1c64c70118416d79ddebd00_NeikiAnalytics.exe

Files

6cde6b34f1c64c70118416d79ddebd00_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

67efd1d08a41f07b61c6e3dc7c87dbf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

t:\orgchart\x86\ship\0\orgchart.pdb

Imports

kernel32

IsDBCSLeadByteEx
GetFileSize
SetEndOfFile
SetErrorMode
GetAtomNameA
GetAtomNameW
AddAtomW
DeleteAtom
GetProfileIntA
GetUserDefaultLangID
LoadLibraryA
CreateFileA
GetModuleFileNameA
FindFirstFileA
FindClose
GetSystemDefaultLangID
GetDriveTypeA
GetCurrentDirectoryA
FormatMessageW
GetLastError
MultiByteToWideChar
GetTempPathA
GetTempFileNameA
GetProfileStringA
CompareStringA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
WideCharToMultiByte
lstrcmpiA
CloseHandle
DeleteFileA
SetFilePointer
ReadFile
WriteFile
GlobalHandle
GetTickCount
lstrlenA
GlobalFlags
FreeLibrary
LocalAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
VirtualProtect
GlobalReAlloc
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
RaiseException

gdi32

TextOutA
GetTextCharset
GetTextExtentPoint32A
ExtCreatePen
GetMapMode
SetMapMode
CreateICA
Escape
CreateBitmap
GetTextFaceA
CreateFontIndirectW
ExtTextOutA
CreateRectRgn
CreateMetaFileA
CloseMetaFile
CreateFontA
GetTextMetricsA
CreatePatternBrush
CreateCompatibleDC
OffsetRgn
SetStretchBltMode
TranslateCharsetInfo
DeleteDC
GetDIBits
GetDeviceCaps
GetPaletteEntries
StretchDIBits
SetMetaFileBitsEx
GetViewportOrgEx
SetTextAlign
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
PlayMetaFile
DeleteMetaFile
CreatePalette
CreateCompatibleBitmap
GetStockObject
GetWindowOrgEx
DeleteObject
RestoreDC
BitBlt
PatBlt
LineTo
MoveToEx
CreatePen
SetBkColor
SetTextColor
GetObjectA
SelectObject
SaveDC
IntersectClipRect
Arc
Polygon
DPtoLP
LPtoDP
PaintRgn
CreateRoundRectRgn
RoundRect
SetBkMode
CreateSolidBrush
InvertRgn
CreatePolygonRgn
GetNearestColor
ExcludeClipRect
Rectangle
SetWindowOrgEx
RealizePalette
SelectPalette
GetTextExtentPointA
Polyline
SetROP2
GetROP2
SetPolyFillMode
SelectClipRgn
SetDIBits

user32

GetScrollPos
GetMessageTime
ScrollWindow
GetDlgItem
SetDlgItemInt
GetDlgItemInt
EndDialog
DialogBoxParamW
FrameRect
ScreenToClient
GetClassNameA
GetActiveWindow
GetWindowTextW
DeleteMenu
AppendMenuA
GetWindowPlacement
EqualRect
GetMessagePos
RegisterClassExA
LoadImageA
LoadIconA
GetMenuItemID
ModifyMenuA
GetSystemMetrics
GetMenuStringW
LoadMenuA
DestroyMenu
RemoveMenu
SendMessageW
CreateWindowExW
RegisterClipboardFormatA
SetDlgItemTextW
GetDlgItemTextW
LoadAcceleratorsA
SetWindowTextW
GetWindowTextA
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
EnableWindow
ModifyMenuW
GetMenuState
GetCursorPos
GetMenuCheckMarkDimensions
LoadStringA
LoadBitmapA
CharNextA
SetScrollInfo
GetScrollInfo
GetScrollRange
GetUpdateRect
KillTimer
SetTimer
GetCaretBlinkTime
IsWindowEnabled
GetClipboardOwner
GetKeyboardLayout
GetKeyState
GetClientRect
InvertRect
InflateRect
ReleaseDC
GetDC
InvalidateRect
EmptyClipboard
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetWindowLongA
CopyRect
SendMessageA
GetParent
FillRect
SetRect
DestroyWindow
CreateWindowExA
OffsetRect
IsWindowVisible
GetWindow
UpdateWindow
CheckRadioButton
CheckMenuItem
PtInRect
IntersectRect
GetMenu
GetMenuItemCount
DrawMenuBar
FindWindowA
BringWindowToTop
GetMessageA
TranslateMDISysAccel
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
IsIconic
SetWindowPos
PostQuitMessage
SetForegroundWindow
GetDlgCtrlID
GetDoubleClickTime
MessageBeep
DefMDIChildProcA
EnableMenuItem
ClientToScreen
GetSubMenu
TrackPopupMenu
PeekMessageA
SetCursor
LoadStringW
MessageBoxW
SetScrollPos
GetFocus
ShowWindow
ValidateRect
GetWindowRect
MoveWindow
GetClipboardData
UnionRect
LoadCursorA
RegisterClassA
DefWindowProcA
SetWindowLongA
ReleaseCapture
SetFocus
SetCapture
PostMessageA
BeginPaint
EndPaint
DrawFocusRect
IsDlgButtonChecked
GetSysColor
DefFrameProcA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

OleBuildVersion
OleInitialize
CoRegisterClassObject
CreateItemMoniker
CreateGenericComposite
CreateFileMoniker
CoGetMalloc
CoRevokeClassObject
OleUninitialize
CreateOleAdviseHolder
CreateDataAdviseHolder
ReleaseStgMedium
OleRegEnumFormatEtc
WriteClassStg
WriteFmtUserTypeStg
GetRunningObjectTable
CoDisconnectObject
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleFlushClipboard
OleSetClipboard

msvcr80

_controlfp_s
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
atof
atoi
toupper
rename
_stricmp
_strnicmp
_splitpath_s
_vsnprintf
__argc
__argv
memchr
strftime
_time64
_localtime64_s
memset
_CIasin
_CIatan2
_CIcos
_CIsin
_CIsqrt
memmove
_invoke_watson

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comctl32

ord17

shell32

SHGetFolderPathA

Sections

.text
Size: 462KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 588KB - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67efd1d08a41f07b61c6e3dc7c87dbf0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

advapi32

ole32

msvcr80

winspool.drv

comctl32

shell32

Sections

.text Size: 462KB - Virtual size: 461KB

.data Size: 2KB - Virtual size: 139KB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 588KB - Virtual size: 592KB

.text
Size: 462KB - Virtual size: 461KB

.data
Size: 2KB - Virtual size: 139KB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 588KB - Virtual size: 592KB