3b37936f7af527d3053a919b58548770_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3b37936f7af527d3053a919b58548770_NeikiAnalytics.exe
Size

244KB
MD5

3b37936f7af527d3053a919b58548770
SHA1

9bd037dcddbf2021636b6a7ebc178d607c7076c3
SHA256

7ee0709d45cccd16c2d89f272e62c63253c4a042778593b284d75c9251ae6e7e
SHA512

357ec2a6f57ad5fdc1ebbcae97299a930a4f576207119c5913f172f9ff83010cea789dd9e205e81231d79522db78730a9587b71f665a7ee6f7c87e0764e0c1fa
SSDEEP

3072:wnT9iWeTwMrP9tNUta2mDHPIeHMXZk5YyN8oVZCOwTrkEN0o+Oqi/:wYTPPR4cD4ZCDN8oVZlwT4wyS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b37936f7af527d3053a919b58548770_NeikiAnalytics.exe

Files

3b37936f7af527d3053a919b58548770_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

1cc24a044e558d421e3b4ae6c72c3c52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
CreatePalette
SelectPalette
CreateCompatibleDC
GetObjectA
GetStockObject
RealizePalette
DeleteObject
StretchDIBits
SetPaletteEntries
ResizePalette
GetSystemPaletteEntries
SetSystemPaletteUse
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
SelectObject
GetLayout
SetBkMode
SetTextColor
CreateDIBitmap
SetLayout
GetPaletteEntries

user32

GetParent
WinHelpA
GetWindowLongA
InvalidateRect
GetDlgItem
SetWindowTextA
SendMessageA
EnableMenuItem
SetForegroundWindow
MoveWindow
IsWindowVisible
RedrawWindow
SetWindowPos
EnableWindow
ShowWindow
GetDlgItemTextA
EndDialog
MessageBoxA
GetSystemMetrics
GetDesktopWindow
GetWindowRect
DrawTextA
ReleaseDC
DialogBoxParamA
SetFocus
CheckMenuItem
GetKeyNameTextA
MapVirtualKeyA
SendDlgItemMessageA
DrawMenuBar
ChangeDisplaySettingsA
DeleteMenu
SetWindowLongA
SetCursor
LoadCursorA
UpdateWindow
DefWindowProcA
CreateWindowExA
RegisterClassA
DestroyWindow
LoadBitmapA
UnregisterClassA
EndPaint
LoadIconA
SetCapture
ReleaseCapture
PostMessageA
PostQuitMessage
GetMenu
RegisterWindowMessageA
FindWindowA
GetCursorPos
SetCursorPos
PeekMessageA
TranslateMessage
DispatchMessageA
GetMessageA
IsIconic
FillRect
SetMenu
GetDC
BeginPaint
DialogBoxIndirectParamA
GetWindowTextA
wsprintfA
MessageBeep
LoadStringA

shell32

ShellAboutA

kernel32

GlobalHandle
LockResource
lstrcmpA
GetProcAddress
LoadLibraryA
GetVersion
SizeofResource
WritePrivateProfileStringA
GetPrivateProfileIntA
GetStartupInfoA
_lopen
WinExec
GetCurrentThread
SetThreadPriority
GetModuleFileNameA
GetLastError
FreeResource
lstrcpyA
GetModuleHandleA
FindResourceA
LoadResource
_hread
GlobalUnlock
GlobalReAlloc
GlobalFree
_llseek
_lread
GlobalAlloc
GlobalLock
LocalAlloc
LocalFree
OpenFile
_lclose
lstrcpynA
lstrcatA
lstrlenA

winmm

timeGetTime
waveOutGetDevCapsA
mciSendCommandA
waveOutReset
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutWrite
waveOutRestart
waveOutPause
mmioAscend
mmioRead
mmioDescend
mmioClose
mmioOpenA
sndPlaySoundA
waveOutGetNumDevs
waveOutGetPosition

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegQueryValueA

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
wcscpy
wcslen
isdigit
fclose
isspace
isalnum
calloc
rand
??2@YAPAXI@Z
??3@YAXPAX@Z
floor
_CIacos
strstr
exit
_ftol
fopen
_strnicmp
realloc
free
malloc
sprintf
_itoa
atol
_ltoa
memmove
sscanf
atoi
_except_handler3
_controlfp

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cc24a044e558d421e3b4ae6c72c3c52

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

shell32

kernel32

winmm

advapi32

msvcrt

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 6KB - Virtual size: 20KB

.rsrc Size: 111KB - Virtual size: 110KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 6KB - Virtual size: 20KB

.rsrc
Size: 111KB - Virtual size: 110KB