2d65a927317c5e71268022de60541be0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2d65a927317c5e71268022de60541be0_NeikiAnalytics.exe
Size

372KB
MD5

2d65a927317c5e71268022de60541be0
SHA1

555a168a8357c505220f33213822ea2071a3c267
SHA256

c7270b04db07b483efd64af947910b839f2a98771904d78f78044659af3b1bda
SHA512

8615a9eaa944cb1477e2cb08530bc543183e3b871ab074bac284f68a873df7160db933d16424fec24778a5b0f32d928dd1219fe7439723184832ee8c2d4cd28b
SSDEEP

6144:GlzOa3+sC8zSUuXF5sbQqKNRbYrykwhVZb+KVF0WnrnakqCTSOo3vrl8w1WdgMHa:sO2vBOUs5scqryk69+KVFznaew3v2w12

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d65a927317c5e71268022de60541be0_NeikiAnalytics.exe

Files

2d65a927317c5e71268022de60541be0_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

a03c82fb2e12f3566fd21d3a1597438d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoW
MultiByteToWideChar
BuildCommDCBAndTimeoutsW
GetLastError
BindIoCompletionCallback
AddAtomA
GetTickCount
DeleteTimerQueueEx
LoadLibraryW
GetModuleHandleA
VirtualProtect

user32

GetSystemMetrics
GetForegroundWindow
GetTopWindow
GetWindow
IsChild
IsCharAlphaNumericW
GetMenuItemCount
RegisterClassExA
LoadCursorA
LoadIconW
GetShellWindow
RegisterClassExW
LoadIconA
LoadMenuW

gdi32

GetStockObject

rasapi32

RasEnumConnectionsW
RasDialA
RasScriptInit
RasSetAutodialAddressA
RasGetConnectionStatistics
RasSetSubEntryPropertiesW
RasGetEapUserIdentityA
RasSetEapUserDataA
DwRasUninitialize
RasEnumEntriesW
RasClearLinkStatistics
RasFreeEapUserIdentityA
RasEnumConnectionsA
RasScriptSend
RasGetSubEntryHandleA
RasGetCountryInfoA
DwEnumEntryDetails
RasSetEntryDialParamsW
RasGetCustomAuthDataW
RasSetCustomAuthDataW
RasEnumDevicesW
RasGetEntryHrasconnW
RasGetHport
RasGetAutodialParamA
RasSetAutodialEnableW
RasGetConnectStatusW
RasCreatePhonebookEntryW
RasSetEntryPropertiesW
RasGetEapUserDataA
RasGetLinkStatistics
RasSetEntryDialParamsA
RasValidateEntryNameW
RasConnectionNotificationA
RasEnumDevicesA
RasInvokeEapUI
RasEditPhonebookEntryW
RasAutoDialSharedConnection
RasGetEntryPropertiesA
RasGetEapUserDataW
RasEnumEntriesA
RasGetErrorStringW
RasGetAutodialAddressW
RasGetEapUserIdentityW
DDMGetPhonebookInfo

cryptdll

MD5Final
CDBuildIntegrityVect
CDLocateCSystem
CDFindCommonCSystem
MD5Update
CDLocateCheckSum
CDRegisterCSystem
CDFindCommonCSystemWithKey

feclient

FeClientInitialize

msasn1

ASN1char16string_cmp
ASN1intx_add
ASN1open_free
ASN1EncSetError
ASN1uint32_uoctets
ASN1octetstring_cmp
ASN1_CloseEncoder
ASN1bitstring_cmp
ASN1BEREncZeroMultibyteString
ASN1BERDecS32Val
ASN1CEREncBitString
ASN1_SetDecoderOption
ASN1BERDecBitString
ASN1octetstring_free
ASN1utf8string_free
ASN1BERDecObjectIdentifier2
ASN1charstring_free
ASN1_CreateModule
ASN1BEREoid2DotVal
ASN1BERDecOctetString2
ASN1Free
ASN1intx_free
ASN1_CreateEncoder
ASN1BERDecU8Val
ASN1BEREncRemoveZeroBits
ASN1char32string_cmp
ASN1intx_setuint32
ASN1BERDecTag
ASN1BEREncChar32String
ASN1intxisuint32

resutils

ResUtilVerifyService
ResUtilIsPathValid
ResUtilFindExpandedSzProperty
ResUtilGetPropertySize
ResUtilFreeEnvironment
ResUtilSetPropertyParameterBlockEx
ResUtilStartResourceService
ResUtilFreeParameterBlock
ResUtilFindMultiSzProperty
ResUtilStopResourceService
ResUtilEnumResources
ResUtilGetBinaryProperty
ResUtilGetBinaryValue
ResUtilEnumPrivateProperties
ResUtilSetSzValue
ResUtilGetProperties
ResUtilSetExpandSzValue

Exports

Exports

MemberCompression

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a03c82fb2e12f3566fd21d3a1597438d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

rasapi32

cryptdll

feclient

msasn1

resutils

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.xdata Size: 4KB - Virtual size: 378B

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 36KB - Virtual size: 56KB

.rsrc Size: 236KB - Virtual size: 233KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 41KB

.xdata
Size: 4KB - Virtual size: 378B

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 36KB - Virtual size: 56KB

.rsrc
Size: 236KB - Virtual size: 233KB

.reloc
Size: 4KB - Virtual size: 1KB