d460900a248449562c26a4b59b4fe540_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

d460900a248449562c26a4b59b4fe540_NeikiAnalytics.exe
Size

604KB
MD5

d460900a248449562c26a4b59b4fe540
SHA1

a4f559520aea9fef5a83d75d4ae8045a3ab7e064
SHA256

8411131f40e2a06176ec4ab1d67e3b3cb48faf4290d0a4e6af0359262a354bc5
SHA512

10322e319259b4908f44331ebfe4edff6ff6b9b70fb8be4558ba5c82218b77887bf5cfe8524f304278b87dd223d7565cfda2d9462df03d420a56f4f208e9376d
SSDEEP

6144:RHTwsKzrggXT7ptTUeI8LrLUS2PLDJv9WhyNiUm9SHBpDtsfAnW:RHTwsKzMgXTVt/LUSAT6yC9W7eYn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d460900a248449562c26a4b59b4fe540_NeikiAnalytics.exe

Files

d460900a248449562c26a4b59b4fe540_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

562bd6f2269600a1b71ee1edabfe2533

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetClipboardData
PeekMessageA
OpenClipboard
GetClipboardData
TranslateMessage
CloseClipboard
GetMessageA
DispatchMessageA
EmptyClipboard
GetCursorPos
GetSystemMetrics
wsprintfA
MessageBoxA
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
MessageBeep
UpdateLayeredWindow
SetMenuInfo
GetWindowTextA
TrackMouseEvent
GetWindowRect
SetWindowPos
FindWindowA

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
MultiByteToWideChar
GetModuleHandleA
RtlZeroMemory
RtlMoveMemory
lstrlenW
VirtualProtect
IsBadCodePtr
GetCurrentThreadId
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
CloseHandle
ReadFile
GetFileSize
CreateFileA
FreeEnvironmentStringsW
GetUserDefaultLCID
GlobalUnlock
GlobalLock
GlobalAlloc
WaitForSingleObject
CreateProcessA
GetStartupInfoA
WriteFile
GetLocalTime
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
TlsAlloc
FreeEnvironmentStringsA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetTickCount
CreateThread
InitializeCriticalSection
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
TerminateProcess
GetCurrentProcess
SetLastError
TlsGetValue
GetLastError
WideCharToMultiByte
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
VirtualAlloc
RaiseException
LCMapStringW
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
UnhandledExceptionFilter

shlwapi

PathFileExistsA

ws2_32

WSACleanup
inet_ntoa
WSAStartup
gethostbyname
setsockopt

gdi32

GetBoundsRect
DeleteDC
BitBlt
SelectObject
DeleteObject

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

InitCommonControlsEx

ole32

CreateStreamOnHGlobal
CLSIDFromString
StringFromGUID2
CoInitialize
CoUninitialize
OleRun
CoCreateInstance
CLSIDFromProgID
GetHGlobalFromStream

wininet

HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetSetOptionA
HttpOpenRequestA
InternetCloseHandle
InternetOpenA
InternetConnectA

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToStream
GdiplusStartup
GdipSetTextRenderingHint
GdipGetTextRenderingHint
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetWorldTransform
GdipDrawRectangle
GdipDrawRectangleI
GdipGetImageGraphicsContext
GdipDeletePen
GdipDeleteBrush
GdipCreateSolidFill
GdipSetSolidFillColor
GdipGetSolidFillColor
GdipLoadImageFromStreamICM
GdipLoadImageFromStream

msimg32

AlphaBlend

atl

ord47
ord42

oleaut32

VariantChangeType
VariantInit
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayGetDim
SysFreeString
SafeArrayDestroy
VariantClear
SysAllocString
SafeArrayCreate
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VarR8FromBool
VarR8FromCy

Sections

.text
Size: 484KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

562bd6f2269600a1b71ee1edabfe2533

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

ws2_32

gdi32

advapi32

shell32

comctl32

ole32

wininet

gdiplus

msimg32

atl

oleaut32

Sections

.text Size: 484KB - Virtual size: 482KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 84KB - Virtual size: 148KB

.rsrc Size: 20KB - Virtual size: 55KB

.text
Size: 484KB - Virtual size: 482KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 84KB - Virtual size: 148KB

.rsrc
Size: 20KB - Virtual size: 55KB