b4908d8b29a851c17eb7a6abbe91df20_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b4908d8b29a851c17eb7a6abbe91df20_NeikiAnalytics.exe
Size

90KB
MD5

b4908d8b29a851c17eb7a6abbe91df20
SHA1

412e864fd4f03830da2181b667b548ddf34cf87d
SHA256

9b53b55ef4daf8912c49356605d6c2724cd65e2ebaa76e53db500790841737b2
SHA512

661861fdfd5be074c81ebb73c9db26f6673c174ff84c8843606fa45d0881b6b8f21268e7250a8172de0a2f91c4e08ad5ef4bfd41fdd673f51eba5358af7161c1
SSDEEP

1536:M6DMgjtG3NQ1BG9RXB6dqzhzGDETQoHs4aOdw:MS43C1B2X/zGDE5nw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4908d8b29a851c17eb7a6abbe91df20_NeikiAnalytics.exe

Files

b4908d8b29a851c17eb7a6abbe91df20_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

7f7662c175cfb5287488acb525e099c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

IMEKR61.pdb

Imports

kernel32

InterlockedDecrement
GetCurrentThreadId
WinExec
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InterlockedIncrement
GetCurrentProcess
SetUnhandledExceptionFilter
IsBadCodePtr
GetLastError
GetSystemDirectoryA
FindResourceExA
LoadResource
LockResource
ReleaseMutex
GetNativeSystemInfo
GetVersionExA
GlobalFindAtomA
GlobalAddAtomA
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
LocalAlloc
LocalFree
ExpandEnvironmentStringsA
CreateFileA
lstrcmpA
SetFilePointer
ReadFile
lstrlenA
GetProfileIntA
GetSystemDefaultLangID
FreeLibrary
LoadLibraryA
CreateMutexA
OpenFileMappingA
CreateFileMappingA
CloseHandle
WaitForSingleObject
lstrlenW
UnmapViewOfFile
MapViewOfFile
GetCurrentProcessId
IsBadReadPtr
GetProcessVersion
lstrcpyA
WideCharToMultiByte
GetModuleFileNameA
lstrcmpiA
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
TerminateProcess
GlobalLock

user32

RegisterWindowMessageA
UnregisterClassA
RedrawWindow
GetKeyboardLayout
FindWindowA
LoadImageA
TrackPopupMenu
EnableMenuItem
CheckMenuItem
CheckMenuRadioItem
DestroyMenu
GetSubMenu
DefWindowProcW
GetClassInfoExA
GetClassInfoExW
RegisterClassExW
RegisterClassExA
ReleaseDC
GetDC
LoadMenuIndirectA
GetMessageA
GetMessageW
LoadIconA
SetWindowLongA
ReleaseCapture
SetTimer
InvalidateRect
OffsetRect
GetClientRect
GetSysColorBrush
FillRect
KillTimer
SetRect
SetForegroundWindow
SendMessageA
DestroyWindow
TranslateMessage
DispatchMessageA
GetParent
IsDlgButtonChecked
CheckDlgButton
EnableWindow
GetDlgItem
CheckRadioButton
WinHelpA
CreateWindowExA
CreateWindowExW
DefWindowProcA
BeginPaint
EndPaint
GetSysColor
wsprintfW
wsprintfA
ClientToScreen
GetWindowRect
SetWindowPos
IntersectRect
LoadCursorA
SetCursor
GetCursorPos
ScreenToClient
PtInRect
keybd_event
GetWindow
ShowWindow
DrawEdge
SetCapture
CopyRect
GetWindowLongA
IsWindow
SystemParametersInfoA
MessageBeep
CharNextA
SendMessageTimeoutA
PostMessageA
DispatchMessageW

advapi32

CheckTokenMembership
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
FreeSid
IsValidSid
AllocateAndInitializeSid
GetSecurityDescriptorDacl
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsValidAcl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
RegOpenKeyA
RegCloseKey

gdi32

CreateFontW
LineTo
MoveToEx
CreatePen
DeleteDC
SetBkColor
PatBlt
CreateBitmap
CreateFontA
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
GetPixel
SetPixel
TextOutW
TextOutA
SelectObject
SetBkMode
SetTextColor
GetObjectA
DeleteObject

shell32

ShellAboutA

comctl32

CreatePropertySheetPageA
PropertySheetW
PropertySheetA
ord17

ntdll

RtlUnwind
_vsnprintf

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetImeMenuItems
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MSIMESH
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f7662c175cfb5287488acb525e099c2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

gdi32

shell32

comctl32

ntdll

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 1024B - Virtual size: 2KB

.MSIMESH Size: 3KB - Virtual size: 3KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 1024B - Virtual size: 2KB

.MSIMESH
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 3KB