949601f8920bcb99956661156162d4c0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

949601f8920bcb99956661156162d4c0_NeikiAnalytics.exe
Size

52KB
MD5

949601f8920bcb99956661156162d4c0
SHA1

d851ca6886eae8212a5fb7baed83b2ac92b8106f
SHA256

42a0daddcfc82def894223979ee6bd2ac7e5adcd1ebf88bab24939a51b0b5ffd
SHA512

598cbeecf1933b425aae8ef57fc53c761c2809b1f7bbd9d7f7c52f398d19a7eede9dfcde5ecdc152a70b3ea51ec44d1647ad96ac5b55eabe9fe3e8d493aee75d
SSDEEP

768:GWoZyEzFN3ZeGdfC82fHLn2Lpb+b8wwR5SdNRApvFbaYtccW:JB2ldfj2fHLnib+b8wwRwdfeb5cx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
949601f8920bcb99956661156162d4c0_NeikiAnalytics.exe

Files

949601f8920bcb99956661156162d4c0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

6fefcb24ef6518b65d62d1f071196f24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\obj\nt_ms_x86_p\dcur.pdb

Imports

gdi32

GetStockObject
GetTextMetricsA

user32

ReleaseDC
DrawTextA
UpdateWindow
ScrollWindowEx
GetClientRect
GetDC
SetWindowTextA
GetDlgItemTextA
EndDialog
DialogBoxParamA
ShowWindow
CreateWindowExA
MessageBoxA
DestroyWindow
SendMessageA
DefWindowProcA
EndPaint
BeginPaint
PostQuitMessage
GetMessageA
DispatchMessageA
TranslateMessage
LoadIconA
LoadCursorA
RegisterClassA
InvalidateRect

dblib8

ord286
ord249
ord274
ord237
ord272
ord275
ord242
ord206
ord258
ord240
ord260
ord254
ord264
ord216
ord231
ord219
ord238
ord248
ord266

kernel32

CloseHandle
FlushFileBuffers
HeapSize
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapReAlloc
InitializeCriticalSection
LoadLibraryA
SetFilePointer
GetOEMCP
GetACP
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
GetCPInfo
GetLocaleInfoA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fefcb24ef6518b65d62d1f071196f24

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

dblib8

kernel32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 592B

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 592B