3184b6e5a710556361ad76114c326650_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3184b6e5a710556361ad76114c326650_NeikiAnalytics.exe
Size

4.8MB
MD5

3184b6e5a710556361ad76114c326650
SHA1

b62da96df013d44e05e4f1c6362bee48e177b026
SHA256

36df231cf15e74fc0ecf38ba0e0420027cb1f729a419a28fe65080b1dec92002
SHA512

cf2476265064f7e245718423727d978bcefa4f12ae0d7a3bdbde185e3a0e2bcb4e60e7eab0f9479527ee203fb7c75796145b9fdb4b62bcb639244a7752a3af44
SSDEEP

49152:l0SObg56xgufiJQlQXi6VSgIS96tVNPa+lHUBK:G9xguf3lp6VIAAo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3184b6e5a710556361ad76114c326650_NeikiAnalytics.exe

Files

3184b6e5a710556361ad76114c326650_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

0f4392b8c99a4d63516641a1e4f65d7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
listen
recv
send
shutdown
recvfrom
sendto
connect
htons
socket
bind
WSACleanup
setsockopt
getsockname
accept
WSAGetLastError
ntohs
getsockopt
select
ioctlsocket
inet_addr
gethostbyname
WSAStartup
gethostname
inet_ntoa

winmm

sndPlaySoundA

mpr

WNetGetUserA
WNetGetUserW

kernel32

FindFirstFileW
FindNextFileA
FindNextFileW
Sleep
GetTickCount
SetEvent
LoadLibraryA
LoadLibraryW
GetProcAddress
FindClose
ReadFile
SetLastError
CreateFileA
CreateFileW
GetModuleFileNameA
GetModuleFileNameW
GetCurrentDirectoryA
GetCurrentDirectoryW
FreeLibrary
GetFileAttributesA
GetFileAttributesW
DeleteFileA
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
UnmapViewOfFile
ExitThread
InitializeCriticalSection
CreateEventA
LoadResource
FindResourceA
FindResourceW
MapViewOfFile
CreateFileMappingA
SizeofResource
GetModuleHandleA
GetCommandLineA
GetCommandLineW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalMemoryStatus
AllocConsole
LocalFree
FormatMessageA
FormatMessageW
Beep
FlushFileBuffers
GetFileSize
SetFileAttributesA
SetFileAttributesW
MoveFileA
MoveFileW
CreateDirectoryA
FindFirstFileA
GetFullPathNameA
GetFullPathNameW
SetFilePointer
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTempPathA
GetTempPathW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
WriteFile
PurgeComm
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
EnumSystemLocalesA
EnumSystemLocalesW
CreateProcessA
CreateProcessW
TerminateProcess
GetExitCodeProcess
SetHandleInformation
CreatePipe
PeekNamedPipe
GetStdHandle
GetProfileStringA
lstrcpyA
lstrlenA
GlobalFree
GetVersionExA
HeapReAlloc
MultiByteToWideChar
HeapCreate
HeapDestroy
GetVersion
GetStartupInfoA
GetCurrentProcess
ExitProcess
HeapFree
HeapAlloc
GetLastError
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
CreateThread
CloseHandle
VirtualFree
GetSystemInfo
VirtualAlloc
InterlockedDecrement
InterlockedIncrement
TlsGetValue
RaiseException
RtlUnwind
SetHandleCount
GetFileType
WideCharToMultiByte
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetEnvironmentVariableW
GetCPInfo
GetACP
GetOEMCP
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
CreateDirectoryW
WriteConsoleA

user32

CharUpperBuffW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
ReleaseDC
CreateCursor
CreateIconIndirect
MoveWindow
ShowWindow
SetActiveWindow
SetWindowPos
BeginPaint
EndPaint
SetCapture
GetKeyState
GetAsyncKeyState
MapWindowPoints
GetCursorPos
PtInRect
WindowFromPoint
AdjustWindowRectEx
SetWindowLongW
SetForegroundWindow
CharLowerBuffW
GetWindowLongA
SetWindowLongA
SetFocus
SetClassLongA
DrawEdge
IsZoomed
GetParent
GetSystemMetrics
ReleaseCapture
GetClientRect
GetWindowRect
ScreenToClient
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
CloseClipboard
DefWindowProcA
CallWindowProcA
CreateWindowExA
RegisterClassA
LoadCursorA
SetCursor
TranslateMessage
DispatchMessageA
FindWindowA
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
IsCharAlphaA
CharUpperBuffA
CharLowerBuffA
DestroyWindow
IntersectRect
MessageBoxW
PeekMessageA
GetMessageA
KillTimer
SetTimer
PostMessageA
SetWindowTextW
SetWindowTextA
GetWindowTextW
GetWindowTextA
MessageBeep
IsIconic
GetDC
GetWindowTextLengthA

gdi32

GetStockObject
DeleteObject
CreateDIBSection
CreateCompatibleBitmap
BitBlt
SelectObject
CreateCompatibleDC
SetPixel
GetPixel
CreateFontIndirectA
CreateFontIndirectW
EnumFontFamiliesA
EnumFontFamiliesW
GetTextMetricsA
GetTextExtentPoint32W
CreateSolidBrush
CreatePen
CreateRectRgn
CreateDCA
StretchBlt
SetTextColor
SetBkMode
Polygon
Polyline
Rectangle
Ellipse
SetROP2
TextOutW
SetMiterLimit
SetViewportOrgEx
SelectClipRgn
ExtCreatePen
StartDocA
EndDoc
StartPage
EndPage
GetRegionData
DeleteDC
GetDeviceCaps

winspool.drv

EnumPrintersA

comdlg32

PrintDlgA

advapi32

GetUserNameA

shell32

DragQueryPoint
Shell_NotifyIconA
DragQueryFileW
DragQueryFileA
DragFinish
ExtractIconExA
DragAcceptFiles

Exports

Exports

_EweMain@24

Sections

.text
Size: 436KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f4392b8c99a4d63516641a1e4f65d7b

Headers

File Characteristics

Imports

ws2_32

winmm

mpr

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

Exports

Exports

Sections

.text Size: 436KB - Virtual size: 433KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 28KB - Virtual size: 98KB

.rsrc Size: 4.4MB - Virtual size: 4.4MB

.text
Size: 436KB - Virtual size: 433KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 28KB - Virtual size: 98KB

.rsrc
Size: 4.4MB - Virtual size: 4.4MB