3df55804a850e12b2558859afe819da0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3df55804a850e12b2558859afe819da0_NeikiAnalytics.exe
Size

6.3MB
MD5

3df55804a850e12b2558859afe819da0
SHA1

80bc8c1080b10fbd2a81484a5e10947f0d6b7c50
SHA256

2043db4aed8b86c7b5bd9588b2058f6ef926b09de67b35661faea05ce5b07648
SHA512

ffa84058a4ce7888f38260c4232f5ed6008378f053eef01e8f03166f5e6d9efd693843ec9fcc7dca6f335a525ea78a01e22458e48efacec7698da8b278068a75
SSDEEP

98304:P9yg7ddrXClutmwFgj+OU0mnpB//5/14UUQEvNDHzg8gKiACNuMVh8dA:P4g7dBCamwmj+HnpREbvK8gKibg8h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3df55804a850e12b2558859afe819da0_NeikiAnalytics.exe

Files

3df55804a850e12b2558859afe819da0_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

0731391d79d0791fb1ea7b0e52e8c3ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetStdHandle
OutputDebugStringW
LoadLibraryExW
WriteConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
ReadConsoleW
CreateFileW
SetEndOfFile
EnumResourceTypesW
GetThreadLocale
SetThreadLocale
GetPrivateProfileIntW
GetTempPathW
GetFileAttributesW
HeapCreate
GetExitCodeProcess
HeapDestroy
GetSystemDefaultUILanguage
CompareFileTime
GetDriveTypeW
EncodePointer
SetFilePointerEx
GetCPInfoExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetOEMCP
GetACP
WideCharToMultiByte
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
GetStdHandle
GetFileType
GetProcessHeap
IsValidCodePage

user32

MessageBoxA
SetCursor
GetWindowRect
GetDC
WaitMessage
SetWindowsHookExA
CheckDlgButton
PostMessageA
RemoveMenu
SetDlgItemTextW
DialogBoxParamA
SetDlgItemTextA
GetWindow
PostMessageW
GetDesktopWindow
SystemParametersInfoA
DefWindowProcA

gdi32

MoveToEx
CreateFontIndirectA
SetDIBColorTable
CopyEnhMetaFileA
CreateHalftonePalette
SelectPalette
SetPaletteEntries
GetCharABCWidthsFloatA
CreateFontIndirectW
GdiFlush
SaveDC

comdlg32

GetOpenFileNameW
FindTextW

advapi32

OpenSCManagerW
RegGetKeySecurity
RegSetValueExW

shell32

SHGetFileInfoW

oleaut32

SafeArrayGetUBound
SysFreeString
SafeArrayCreate
SysReAllocStringLen

Exports

Exports

?__igglidsvhp@@YAKXZ
?__shjtcdvropkkvi@@YAGXZ
?__vdfpfiufh@@YADXZ
?__zbgohcz@@YA_WXZ
?__zogjkwidyxtnrf@@YAEXZ

Sections

.text
Size: 419KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.9MB - Virtual size: 86.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0731391d79d0791fb1ea7b0e52e8c3ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 419KB - Virtual size: 419KB

.data Size: 5.9MB - Virtual size: 86.4MB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 419KB - Virtual size: 419KB

.data
Size: 5.9MB - Virtual size: 86.4MB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 12KB