370cb365925dc13d4b50d8b2f61d3b40_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

370cb365925dc13d4b50d8b2f61d3b40_NeikiAnalytics.exe
Size

92KB
MD5

370cb365925dc13d4b50d8b2f61d3b40
SHA1

c7b129c46c7d7d30792c01955fb662571b6c760f
SHA256

b6f480c1d83c18c4e5d70c85806a307fa323841aea1977d71a3e26d588f5a4f9
SHA512

919f7c354c4840bc6cbf673eea85ba7e4cae2e90eaf6fb8c92342e9605f5e131b64eb6937c936d4665720741cbc136e9f03a3bdfdde022e31e1eeebc5474fc81
SSDEEP

1536:R/+xvM/4CnbWtTQcX/JvAvsHdt3HXRkxgZQX:R/O0tqt//JoEHdbVyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
370cb365925dc13d4b50d8b2f61d3b40_NeikiAnalytics.exe

Files

370cb365925dc13d4b50d8b2f61d3b40_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

b04449b81e78d312c48e3c1cb7699bac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WideCharToMultiByte
lstrcatA
HeapAlloc
HeapCreate
HeapReAlloc
HeapFree
GetPrivateProfileStringA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
LocalFree
GetModuleFileNameA
lstrlenW
LocalAlloc
lstrcmpiA
lstrcpynA
SetEvent
OpenEventA
InterlockedExchange
LoadLibraryExA
Sleep
LeaveCriticalSection
lstrcpyA
EnterCriticalSection
DeleteCriticalSection
lstrlenA
MultiByteToWideChar
GetProcAddress
InterlockedIncrement
LoadLibraryA
GetLastError
FreeLibrary
CreateMutexA
GetCurrentThreadId
CloseHandle
InitializeCriticalSection
GetCommandLineA
HeapDestroy
GetVersionExA
ExitProcess
GetStartupInfoA
GetModuleHandleA
LocalUnlock
LocalLock
RaiseException
InterlockedDecrement

gdi32

GetStockObject
GetClipBox
SelectPalette
RealizePalette
CreatePalette
SetDIBitsToDevice
DeleteObject
SetStretchBltMode

user32

ShowWindow
GetClientRect
ReleaseDC
GetDC
DispatchMessageA
TranslateMessage
GetMessageA
GetWindowRect
GetDesktopWindow
SetTimer
MessageBoxA
SetFocus
WindowFromPoint
SetWindowPos
OffsetRect
GetSystemMetrics
IsWindowVisible
KillTimer
FindWindowA
EndDialog
PostQuitMessage
MessageBeep
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
GetWindow
SetWindowsHookExA
CallNextHookEx
DefWindowProcA
EnableWindow
CreateWindowExA
DrawEdge
UpdateWindow
RegisterClassA
EnumChildWindows
RedrawWindow
EndPaint
BeginPaint
SetWindowLongA
GetWindowLongA
SetCursor
LoadImageA
LoadCursorA
GetDlgItemInt
DialogBoxParamA
IsDlgButtonChecked
GetAsyncKeyState
DestroyWindow
UnhookWindowsHookEx
SetDlgItemInt
GetParent
WinHelpA
GetDlgItem
GetCursorPos
ScreenToClient
SendMessageA
SendNotifyMessageA
PostMessageA
CharNextA
LoadStringA
SystemParametersInfoA
IsWindow
GetForegroundWindow
PostThreadMessageA
CheckDlgButton

shlwapi

StrCmpNIA
ord168
ord1
PathCreateFromUrlA
PathFindFileNameA
UrlEscapeA
PathCombineA
PathIsURLA

comctl32

PropertySheetA
ImageList_Add
ImageList_Destroy
ord334
ord328
ImageList_Create
ord329
ord332
ord339
ord8
ImageList_SetBkColor
ImageList_AddMasked
InitCommonControlsEx
ImageList_LoadImageA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b04449b81e78d312c48e3c1cb7699bac

Headers

File Characteristics

Imports

kernel32

gdi32

user32

shlwapi

comctl32

Sections

.text Size: 40KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 596B

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 40KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 596B

.rsrc
Size: 40KB - Virtual size: 40KB