106fcb0ec1e43eb07f594c28a1112ce0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

106fcb0ec1e43eb07f594c28a1112ce0_NeikiAnalytics.exe
Size

90KB
MD5

106fcb0ec1e43eb07f594c28a1112ce0
SHA1

0df291397c243c51fd0a59a74d262f8c874506da
SHA256

ab0673a84ab1c4182191d66f7d69afa71c9a6bd313b20c3ba52c62e5ee83a9fd
SHA512

6fcfdb1cbd2f3e6d8b0bfeb2b4d83ba5577325cdffb5266c94916ef41c54690b256980436b73b4782f228f276025681c1fcee5d251d6da9b4915f7f0986830f4
SSDEEP

1536:Dk7xeN0ZhhdvcXVUm89CuYO14WqkYeMiSdlg6eesfzcbk1mhg9kj5n:Dk1eN0/hdUVUr9771XinheTYbVh5h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
106fcb0ec1e43eb07f594c28a1112ce0_NeikiAnalytics.exe

Files

106fcb0ec1e43eb07f594c28a1112ce0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

e3d6498467eb01cfd1939a8c963aa374

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
VirtualAlloc
CreateNamedPipeW
GetUserDefaultLangID
GetProcessHeap
GetThreadLocale
GetTempFileNameA
OpenSemaphoreA
lstrcmpiW
GetEnvironmentVariableW
CreateThread
GetFullPathNameA
CopyFileExW
EnumTimeFormatsW
IsBadReadPtr
OpenWaitableTimerW
GetEnvironmentStringsA
WaitForSingleObject
DisconnectNamedPipe
GetDiskFreeSpaceA
FatalAppExitW
GetWindowsDirectoryA
EnumDateFormatsW
EnumDateFormatsA
CopyFileExA
GetTempPathW
GetVersionExA
GetSystemDefaultLangID
GetVersion
FindAtomW
GetEnvironmentVariableA
GetFileType
ExpandEnvironmentStringsW
AddAtomA
LocalAlloc
ReplaceFileA
GetProcessHeaps
CreateFileMappingA
GetSystemTime
lstrcpynW
LocalFree
lstrcatW
ExitProcess
GetNumberFormatW
CreateEventA
DeleteAtom
FreeLibrary
IsValidCodePage
MulDiv
EnumCalendarInfoA

user32

ArrangeIconicWindows
CheckDlgButton
SetWindowTextA
GetMenuStringW
CloseWindow
LoadMenuIndirectW
GetForegroundWindow
GetClassInfoExW
GetWindowLongA
CallWindowProcW
GetDC
SetCursor
IsMenu
wsprintfA
SetWindowPos
CheckMenuRadioItem
SetForegroundWindow
MessageBeep
RegisterClassW
SetCapture
TrackPopupMenu
LoadCursorW
GetDlgItemTextA
GetMessageA
AppendMenuA
IsWindow
LoadCursorA
CreateDialogIndirectParamW
LoadIconA
DefDlgProcA
InsertMenuW
GetClassInfoW
CallWindowProcA
GetClassInfoExA
SetWindowLongW
IsChild
GetMenuItemID
wvsprintfW
GetDC
CopyIcon
GetAsyncKeyState
GetCursorPos
CreateWindowExW
DestroyMenu
GetDlgItemTextW
wsprintfW

gdi32

GetGraphicsMode
SetMapperFlags
SelectClipRgn
GetPolyFillMode
UpdateColors
SetBitmapDimensionEx
EndPath
CreateBrushIndirect
GdiGetBatchLimit
StrokeAndFillPath
Arc
SetColorSpace
SetArcDirection
SetViewportExtEx
GetMetaFileA
CreateCompatibleDC
DeleteMetaFile

advapi32

RegOpenKeyA
RegDeleteValueW
RegQueryInfoKeyA
RegReplaceKeyA
ConvertSidToStringSidW
RegOpenKeyExA

shell32

SHGetDiskFreeSpaceExA
StrCmpNIA
StrStrIW
ExtractIconExA
StrStrW
DuplicateIcon

comdlg32

PrintDlgExW
ReplaceTextW
PrintDlgExA
ChooseFontA

urlmon

HlinkGoBack

crypt32

CryptMsgOpenToDecode

Sections

.dIjpP
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GMd
Size: 1KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pUltCa
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yN
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WKF
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.X
Size: 1024B - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PD
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Y
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mor
Size: 2KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3d6498467eb01cfd1939a8c963aa374

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

urlmon

crypt32

Sections

.dIjpP Size: 10KB - Virtual size: 12KB

.GMd Size: 1KB - Virtual size: 22KB

.pUltCa Size: 4KB - Virtual size: 3KB

.yN Size: 1024B - Virtual size: 3KB

.WKF Size: 1024B - Virtual size: 7KB

.X Size: 1024B - Virtual size: 38KB

.PD Size: 4KB - Virtual size: 5KB

.Y Size: 512B - Virtual size: 37KB

.rsrc Size: 213KB - Virtual size: 213KB

.mor Size: 2KB - Virtual size: 56KB

.dIjpP
Size: 10KB - Virtual size: 12KB

.GMd
Size: 1KB - Virtual size: 22KB

.pUltCa
Size: 4KB - Virtual size: 3KB

.yN
Size: 1024B - Virtual size: 3KB

.WKF
Size: 1024B - Virtual size: 7KB

.X
Size: 1024B - Virtual size: 38KB

.PD
Size: 4KB - Virtual size: 5KB

.Y
Size: 512B - Virtual size: 37KB

.rsrc
Size: 213KB - Virtual size: 213KB

.mor
Size: 2KB - Virtual size: 56KB