0010f7821ea3abfac7338bc5ac025910_NeikiAnalytics[.]exe

General

Target

0010f7821ea3abfac7338bc5ac025910_NeikiAnalytics.exe
Size

301KB
MD5

0010f7821ea3abfac7338bc5ac025910
SHA1

37d9d31c25a1f0ff733b73d3f1bc24ffd128079d
SHA256

dd538127466ed9c58f7ee909d5a70f85ae85cc5c6207f6989a7904297284b5c6
SHA512

813c7dc45787f9d378841573577a09bf238705fa1f7e428846f42bd5151e66e4e9ff30773022a8f75df237f27c8f73b083094f9ab1817d414f4137215436afee
SSDEEP

6144:SdSwBoPr0CXa0Gm/1TdgobxRZWLK9lvtG7m5dbEuV2jagDQRU:wXojgQNeobP0WS65VEPjagDZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0010f7821ea3abfac7338bc5ac025910_NeikiAnalytics.exe

Files

0010f7821ea3abfac7338bc5ac025910_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

b5144e7387496628129dfa4f616fbd97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
GetFileTime
lstrcpyW
GetStartupInfoA
ReadFile
GetFileSize
GetCurrentDirectoryA
IsBadStringPtrA
lstrlenW
ReleaseMutex
HeapCreate
GetLastError
FormatMessageA
WriteConsoleW
GetModuleHandleA
IsValidLocale
FindResourceA
GetFileAttributesA
WriteConsoleW
SetPriorityClass
WriteConsoleW

msftedit

RichComboBoxWndProc
SetCustomTextOutHandlerEx
RichListBoxWndProc
RichEditWndProc

clbcatq

SetSetupSave
CheckMemoryGates
CheckMemoryGates
SetupOpen
SetSetupSave
SetupOpen
DllGetClassObject
SetupOpen
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
CheckMemoryGates
DllGetClassObject

dsprop

CheckADsError

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 1024B - Virtual size: 263B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qedit
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5144e7387496628129dfa4f616fbd97

Headers

File Characteristics

Imports

kernel32

msftedit

clbcatq

dsprop

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 290KB - Virtual size: 289KB

.adata Size: 1024B - Virtual size: 263B

.qedit Size: 512B - Virtual size: 240B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 290KB - Virtual size: 289KB

.adata
Size: 1024B - Virtual size: 263B

.qedit
Size: 512B - Virtual size: 240B