Static task: static1
Behavioral task: behavioral1
Sample: 2642eadf5b4a12539a04909a0eb799f0_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2642eadf5b4a12539a04909a0eb799f0_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
General
Target: 2642eadf5b4a12539a04909a0eb799f0_NeikiAnalytics.exe
Size: 196KB
MD5: 2642eadf5b4a12539a04909a0eb799f0
SHA1: 380cf62679a2dbdda7f990d6ba0ec13b969b9526
SHA256: 8ca3e7e5a0baedca88bdb40a04b1abfe2d42059bd4137149bb9217764f5173d5
SHA512: 3f8686ac004511c7f0168f5b7e26e6640dac8a8182d7465d2f98666f778d52fb3c3c62c71aeddf2530209b2a1d7545ece65397029b8644f39239aa2a96d003f9
SSDEEP: 3072:4jVM7qKuPeJgJK/S8adLI+mXtymCbEEQ+s5zwZ+KKhJdVQnaXkfD6L8Mn:4jVM7iKgJn3YymCTQWpS541E84
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2642eadf5b4a12539a04909a0eb799f0_NeikiAnalytics.exe
Files
2642eadf5b4a12539a04909a0eb799f0_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
e81aa435fa54056c677a3426bfa31673
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ShellExecuteW
ShellExecuteExW
certcli
CAGetCertTypeFlags
CAFindCertTypeByName
CACloseCertType
CAFreeCertTypeProperty
CAUpdateCertType
CAGetCertTypeProperty
CAFindByName
CAUpdateCA
CAGetCertTypeKeySpec
CAEnumCertTypesForCA
CASetCertTypeExtension
CARemoveCACertificateType
CAEnumCertTypes
CAGetCertTypeExtensions
CASetCertTypeProperty
CAGetCertTypePropertyEx
CACloseCA
CAEnumNextCertType
CAAddCACertificateType
CACertTypeGetSecurity
CAFreeCertTypeExtensions
CAFreeCAProperty
CASetCertTypeKeySpec
CASetCertTypeFlags
CACertTypeSetSecurity
CAGetCAProperty
CACreateCertType
user32
GetDlgItemTextA
EnableWindow
ReleaseDC
SetDlgItemTextW
wsprintfW
LoadCursorW
WinHelpW
SendDlgItemMessageW
LoadImageW
SetCursor
GetWindowLongW
LoadIconW
RegisterClipboardFormatW
SetWindowLongW
EndDialog
SendMessageW
InsertMenuItemW
GetDC
LoadStringW
DialogBoxParamW
SystemParametersInfoW
MessageBoxW
PostMessageW
GetParent
SetWindowTextW
SetFocus
LoadBitmapW
GetDlgItem
msvcrt
_onexit
malloc
vswprintf
??3@YAXPAX@Z
__RTDynamicCast
wcscat
_except_handler3
_initterm
??1type_info@@UAE@XZ
wcscpy
_wcsicmp
__dllonexit
_wcsupr
memmove
mbstowcs
wcsstr
wcscmp
wcschr
wcstoul
?terminate@@YAXXZ
??2@YAPAXI@Z
wcslen
_purecall
wcsrchr
free
_adjust_fdiv
kernel32
InterlockedDecrement
GetLastError
lstrlenW
FileTimeToLocalFileTime
lstrcpyW
GlobalUnlock
GetStartupInfoA
IsValidCodePage
GetModuleFileNameW
WideCharToMultiByte
GlobalFree
GetProcAddress
InitializeCriticalSection
GetEnvironmentStringsA
GetModuleHandleA
LocalReAlloc
QueryPerformanceCounter
OutputDebugStringA
CreateFileW
IsBadReadPtr
FileTimeToSystemTime
GlobalLock
lstrcmpiW
GetTickCount
FormatMessageW
DeleteCriticalSection
LocalFree
RemoveDirectoryA
GetCPInfo
GetComputerNameW
GetSystemTimeAsFileTime
LoadLibraryW
SetUnhandledExceptionFilter
OutputDebugStringW
InterlockedIncrement
GlobalAlloc
GetCurrentProcess
GetSystemWindowsDirectoryW
GetDateFormatW
SetLastError
CloseHandle
GetACP
advapi32
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
gdi32
DeleteObject
CreateFontIndirectW
GetDeviceCaps
comctl32
CreatePropertySheetPageW
PropertySheetW
Sections
.code Size: 90KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 103KB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ