4bfcaa97d956e5090321c030a02a0ec0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4bfcaa97d956e5090321c030a02a0ec0_NeikiAnalytics.exe
Size

1.8MB
MD5

4bfcaa97d956e5090321c030a02a0ec0
SHA1

029d7a3a6eaae898bcfbfb5133ab0f4a47986dbd
SHA256

dad9c9fb8b79545fc7a25da6b3baf4dc7b006d4419b2a578304fff1233d83691
SHA512

2cd5f2c89470a0a4c023e5b6928f25c53884addf479084ee49e66f2686323b84e5db197b1668fc9c0247eb841e721f0a43d84c71cc57be5b65717f9462e356d2
SSDEEP

49152:8dfUGkesMKp3ybWIxUE878y2e83wMJLACSYCpSqXStH:a2MGyKIKr78yR5MSNUd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bfcaa97d956e5090321c030a02a0ec0_NeikiAnalytics.exe

Files

4bfcaa97d956e5090321c030a02a0ec0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

d22aa6224497e885f14c6f317d8939f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

wcschr
wcsstr
free
_wcsdup
wcslen
wcsrchr
wcscspn
gmtime
_ultoa
fclose
wcstok
ftell
fseek
_fdopen
_open_osfhandle
malloc
getc
fwrite
_wcsnicmp
wcscmp
iswalpha
fread
memset

kernel32

GetFileAttributesW
lstrlenW
lstrcpyW
lstrcatW
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
GlobalAlloc
GlobalLock
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
SystemTimeToFileTime
GetCommandLineW
SetFileTime
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrlenA
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
lstrcmpW
Sleep
GetModuleFileNameW
SearchPathW
LocalFree
FormatMessageW
GetLastError
FindClose
FindNextFileW
RemoveDirectoryW
FindFirstFileW
DeleteFileW
SetFileAttributesW
GetExitCodeThread
WaitForSingleObject
CreateThread
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareFileTime
GetFileSize
GetFileTime
lstrcmpiA
GetCurrentProcess
GetProcAddress
GetExitCodeProcess
CreateProcessW
GetShortPathNameW
lstrcmpiW
GetCurrentThreadId
GetVersionExA
GetModuleHandleA
ExitProcess
CloseHandle

user32

DestroyIcon
wsprintfW
SendMessageA
UpdateWindow
ShowWindow
CreateDialogParamA
SetWindowPos
CreateWindowExA
PostQuitMessage
DestroyWindow
MessageBoxW
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
CallWindowProcW
GetMessageA
FindWindowW
PostMessageW
UnhookWindowsHookEx
SetWindowTextW
GetKeyState
CallNextHookEx
CheckDlgButton
GetParent
SetWindowsHookExA
CreateWindowExW
GetDesktopWindow
GetSystemMetrics
ReleaseDC
GetDC
GetWindowLongW
SetWindowLongW
GetDlgItem
SetDlgItemTextW
IsWindow
GetWindowTextW
MessageBeep
GetWindowRect
GetDlgItemTextW
IsDlgButtonChecked
DialogBoxParamA
SendMessageW
LoadStringW
LoadStringA
MessageBoxA
WaitForInputIdle
EndDialog

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW

ole32

CoTaskMemFree

comctl32

ord17

gdi32

GetTextExtentPoint32W
SelectObject

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d22aa6224497e885f14c6f317d8939f6

Headers

File Characteristics

Imports

crtdll

kernel32

user32

shell32

ole32

comctl32

gdi32

mpr

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 28KB - Virtual size: 25KB