b11fb3bb4fd5ef41fdcc5895e2c19d20_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b11fb3bb4fd5ef41fdcc5895e2c19d20_NeikiAnalytics.exe
Size

396KB
MD5

b11fb3bb4fd5ef41fdcc5895e2c19d20
SHA1

3c7e12295679945a6363134145a32052497744d5
SHA256

91188360f0e0a0fb33d9e9285ecd8c83b5c00862d10fdd71ebc267d24866ad76
SHA512

682b47d262991636a273f29b64b83f9466e029886291142dcc2c1ce93b789ac0fc6602fcf7af002f17db24e78ded0a3654e33f1ad02691a2428a884199af0060
SSDEEP

6144:4Ht+2bVf25kK3qcE41z0GFpNCPPNVR2+jCIXW/T7KLLtT/:Q9cRzpm60CatT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b11fb3bb4fd5ef41fdcc5895e2c19d20_NeikiAnalytics.exe

Files

b11fb3bb4fd5ef41fdcc5895e2c19d20_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

1676394ea6788ab8c6066808bf8bce18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cblrtss

CBL_SHOW_MOUSE
_mFiD789
_mFiD7B7
CBL_CLASSIFY_DBCS_CHAR
_mFiD7D9
CBL_ALLOC_MEM
CBL_FREE_MEM
_mFiD7F6
_mFiD7BA
_mFiD791
ord1015
ord1245
CBL_FN_INTEGER
ord1250
_mFiD7A1
_mFiD7CC
_mFiD7B9
_mFiD7B5
ord1006
_mFiD7AA
_mFiD7CB
_mFgF803
_mFiD7E6
_mFiD7E4
CBL_READ_SCR_CHATTRS
_mFgCE
EXTFH
_mFgF813
_mFgF811
_mFiD78D
_mFiD7E3
CBL_INIT_MOUSE
CBL_GET_MOUSE_POSITION
CBL_TERM_MOUSE
CBL_SET_MOUSE_MASK
CBL_GET_MOUSE_MASK
CBL_SET_MOUSE_POSITION
_COYIELD
PC_READ_KBD_SCAN
_mFiD7B4
CBL_READ_MOUSE_EVENT
_mFiD781
_mFiD783
CBL_GET_MOUSE_STATUS
_mFgproglink
_mFgprogunlock
mF_eloc
CBL_EXIT_PROC
CBL_GET_OS_INFO
CBL_DELETE_FILE
CBL_GET_CURRENT_DIR
ord1021
ord1155
cobgetenv
CBL_TOUPPER
ord1246
ord1156
ord1244
CBL_CANCEL
CBL_GET_PROGRAM_INFO
CBL_FILENAME_CONVERT
CBL_MBCS_CHAR_LEN
CBL_SPLIT_FILENAME
CBL_JOIN_FILENAME
CBL_GET_FILE_INFO
CBL_HIDE_MOUSE
_mFgAE
CBL_CTF_TRACER_GET
CBL_CTF_TRACER_LEVEL_GET
ord1275
CBL_CTF_TRACER_NOTIFY
CBL_CTF_COMP_PROPERTY_GET
ord1266
ord1001
CBL_CTF_TRACE
_mFgF801
CBL_OPEN_FILE
CBL_CLOSE_FILE
CBL_FLUSH_FILE
CBL_CHECK_FILE_EXIST
CBL_CREATE_FILE
CBL_WRITE_FILE
CBL_READ_FILE
ord1471
ord1370
CBL_RENAME_FILE
ord1701
CBL_CMPNLS
ord1461
ord1294
ord1333
_mFgF800
ord1475
ord1448
ord1389
cob_COYIELD
CBL_FN_CURRENT0DATE
ord1574
ord1573
ord1267
ord1579
ord1578
mF_tmpfilename
ord1463
_mFgproglock
_mFerr
CBL_COPY_FILE
CBL_LCKFILE
CBL_UNLFILE
CBL_UNLOCK
CBL_SET_SEMAPHORE
CBL_FREE_SEMAPHORE
CBL_TEST_LOCK
CBL_GET_LOCK
CBL_FREE_LOCK
CBL_OPEN_VFILE
CBL_CLOSE_VFILE
CBL_READ_VFILE
CBL_WRITE_VFILE
CBL_FN_UPPER0CASE
ord1307
ord1190
ord1206
ord1186
CBL_LOCATE_FILE
_mFginitdat_dll
ord969
ord733
ord968
ord2038
ord2006
_mFiD7E5
_mFiD782
ord1016
_mFiD7B0
_mFiD7B3
_mFiD78F
_mFiD7A7
_mFgprogchain
_mFgtypecheck
_mFgprogcheckexit
_mFgF802
ord1424
ord1379
_mFgF806
CBL_NLS_GET_MSG
_mFfindp
_mFgmain2
_mFgWinMain2
_mFgF805
ord1012
_mFgprogunchain

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit

kernel32

GetCommandLineA
GetModuleHandleA

Exports

Exports

_mFdllinfo

Sections

.text
Size: 380KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1676394ea6788ab8c6066808bf8bce18

Headers

File Characteristics

Imports

cblrtss

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 380KB - Virtual size: 378KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 93KB

.text
Size: 380KB - Virtual size: 378KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 93KB