2658db836789dc3b8c165cb3ca58db20_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2658db836789dc3b8c165cb3ca58db20_NeikiAnalytics.exe
Size

5.5MB
MD5

2658db836789dc3b8c165cb3ca58db20
SHA1

33791048780edf632df556e46e2d0feb041ffccd
SHA256

86d576f4093b27e7b964375bbb77b77bb6a46dc90c2cfb80a76655305914988b
SHA512

e1c5d4107c2d520bec2d14c4d63c3ec6d5a4b3f5f15d774d36413a7286531ba45623cf9b34f6e1fc8bc85c3b91abc9c65f25711a92605748823392a2f6c49f88
SSDEEP

98304:p6uY7DJRtUTsIx5gZgnmkmtici+3cYJpeCBnnX2jJ1cTKMqww0:sXfJgTsT2mY+B52+x/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2658db836789dc3b8c165cb3ca58db20_NeikiAnalytics.exe

Files

2658db836789dc3b8c165cb3ca58db20_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

8c7cf5847aa939e37a600bcb5bb9bb20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetLastError
GetVersion
GetTickCount
GetCurrentThreadId
CreateThread
TerminateThread
GetExitCodeThread
WaitForSingleObject
Sleep
CloseHandle
GetSystemTimeAsFileTime
DeleteCriticalSection
IsBadReadPtr
GetCurrentProcessId
LeaveCriticalSection
GetCurrentThreadId
InitializeCriticalSection
OpenSemaphoreA
CreateSemaphoreA
SearchPathA
HeapReAlloc
InterlockedIncrement
EnterCriticalSection
GetVersion
GetModuleFileNameA
FindNextFileA
FindFirstFileA
SetErrorMode
GetLocalTime
FindClose
GetFileSize
WriteFile
ReadFile
GetModuleHandleA
TlsFree
GetCurrentProcess
FileTimeToSystemTime
GetSystemTime
SystemTimeToFileTime
TlsAlloc
TlsGetValue
TlsSetValue
LoadLibraryA
ReleaseSemaphore
HeapFree
GetProcessHeap
HeapAlloc
DeviceIoControl
LocalFree
CreateFileA
LocalAlloc
InterlockedDecrement
InterlockedCompareExchange
CreateMutexA
ReleaseMutex
FormatMessageA
GetLastError
GetVolumeInformationA
GetEnvironmentVariableA
FreeLibrary
GetProcAddress
GetModuleHandleA
GetProcAddress
InitializeCriticalSection

msvcrt

wprintf
swprintf

setupapi

SetupDiEnumDeviceInfo

advapi32

GetUserNameA

user32

GetWindowRect
GetClientRect
GetWindowTextW
SetWindowTextW
UpdateWindow
GetDlgItem
SendMessageA
GetWindow
GetWindowThreadProcessId
GetClassNameA
ShowWindow
IsWindow
SetWindowLongA
GetWindowLongA
EnumWindows
DefWindowProcA
GetDesktopWindow
SetWindowPos
MessageBoxW
MessageBoxA
DefWindowProcA

Sections

0
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

1
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

2
Size: 4KB - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4
Size: 48KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.protect
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8c7cf5847aa939e37a600bcb5bb9bb20

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

advapi32

user32

Sections

0 Size: 12KB - Virtual size: 17KB

1 Size: 8KB - Virtual size: 10KB

2 Size: 4KB - Virtual size: 528B

3 Size: 268KB - Virtual size: 265KB

4 Size: 48KB - Virtual size: 71KB

5 Size: 4KB - Virtual size: 3KB

6 Size: 8KB - Virtual size: 28KB

.protect Size: 2.1MB - Virtual size: 2.1MB

0
Size: 12KB - Virtual size: 17KB

1
Size: 8KB - Virtual size: 10KB

2
Size: 4KB - Virtual size: 528B

3
Size: 268KB - Virtual size: 265KB

4
Size: 48KB - Virtual size: 71KB

5
Size: 4KB - Virtual size: 3KB

6
Size: 8KB - Virtual size: 28KB

.protect
Size: 2.1MB - Virtual size: 2.1MB