840a8aa19e9ae1c6272c954641f06a40_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

840a8aa19e9ae1c6272c954641f06a40_NeikiAnalytics.exe
Size

234KB
MD5

840a8aa19e9ae1c6272c954641f06a40
SHA1

aeea8b15e26436000c32a5777cc41d82362e1b1b
SHA256

f1f211e1868763753647b92d0613e9720d81a6cc786d6f6e818ab2e50a1d03e8
SHA512

3b59477801af2baa891b311c9f60e3a2ffba9b613e308288963d5716186bda4af5b0f613d9da8e074f0f214be3676d9145595d031e403a32e0ce82e3ce962755
SSDEEP

3072:EHUpqldSjVzBzPs4JGmeqssbIn6Lb4RiDHEx8/n:rpz3kAeqsOAi1n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
840a8aa19e9ae1c6272c954641f06a40_NeikiAnalytics.exe

Files

840a8aa19e9ae1c6272c954641f06a40_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

0c1a1864fcab907d3bb21cadac3bacca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xbtbase1

SETCURSOR

xpprt1

?prepareOpStack
?ehIsError
?ehSetContext
?setjmp
?exeNativeError
?exeStackUnwind
?momSOn
?symContextInit
__vft19ConNumericIntObject10AtomObject
__vft18ConUndefinedObject10AtomObject
?conNAllocL
?symPublicConst
?momSOff
APPDESKTOP
?conSendItem
INT
ACREATE
?symRefItemConst
XBPCRT
?getRFPC
?conAssignRefWMember
?domAssign
APPNAME
SETAPPWINDOW
?retNil
?conNRelease
?conNReleaseL
?frameExit
?ehUnwind
?symPrivateConst
SET
?retStackValue
DATE
CURDRIVE
FERASE
SCROLL
SETPOS
?Xb2MacroSubstStringConst
SETCOLOR
DISPBOX
REPLICATE
DTOC
?retStackItem
?passParameter
?symParameterConst
TYPE
?symGetItemConst
LEN
SUBSTR
?domAdd
CHR
EMPTY
?domNot
DEVPOS
DEVOUTPICT
DEVOUT
?conNNewNil
INKEY
LASTKEY
FILE
UPPER
?domValXEql
SPACE
LEFT
GET
ROW
COL
?getWFPC
AADD
ALLTRIM
RIGHT
DBUSEAREA
DBCLOSEAREA
DBCLOSEALL
_QUIT
RUNSHELL
_COPYFILE
?pushCodeBlock
_EARLYBOUNDCODEBLOCK
DBSELECTAREA
RLOCK
?getWCFC
DBUNLOCK
ASC
STR
VAL
STUFF
ROUND
DBCREATEINDEX
DBSEEK
FOUND
__vft21ConNumericFloatObject10AtomObject
__vft14ConLogicObject10AtomObject
__vft20ConStringConstObject10AtomObject
__vft14ConStringShort10AtomObject
_iniExitProcedureList
___iniStart
___iniGetDLLInitHook
__This_executable_needs_version_1_82_0
___xpprt1Version
?conNewNil
PROCNAME
PROCLINE
?conMemberToItem
VALTYPE
?conNewString
EVAL
SETKEY
?domXEql
?orShortCut
?domOr
?domGECmp
?andShortCut
?domLECmp
?domAnd
?domSubStr
QQOUT
PCOUNT
NATIONMSG
DISPOUT
?pushDynamicCodeBlock
?domLCmp
?domGCmp
TRANSFORM
LTRIM
FIELDPOS
?executeMacro
SELECT
BREAK
ERRORBLOCK
?ehUnsetContext
?ehGetBreakContainer
?conRelease
?conNewCon
?domValNEql
FCOUNT
ARRAY
ASCAN
FIELDGET
AEVAL
FIELDPUT
?domNEql
?conOpNewInt
DBESETDEFAULT
DBELIST
DBELOAD
DBEINFO
?domValSubStr
DBSTRUCT
RECNO
?domInc
?domValLECmp
?domRefElem
?domGetElem
ADEL
?domDec
ATAIL
ASIZE
DBCREATE
DBEVAL
DELETED
DBAPPEND
DBDELETE
RAT
?domValGCmp
?domSub
?setSWArea
?restWArea
FIELDNAME
MIN
ALIAS
STRTRAN
DBGOTOP
EOF
DBSKIP
QOUT
AFILL
DBCOPYSTRUCT
?domAddEqu
?getRCFC
LASTAPPEVENT
MAX
APPEVENT
SETAPPEVENT
?nomClassLock
?nomClassUnlock
?retObject
?nomCreateClass
?nomDefineVar
?nomDefineMethod
?nomEndClassDefinition
?conNewExtObject
?nomCallInitClass
?conGetSelfClass
?conGetClass
SETMOUSE
WORKSPACELIST
DBCOMMIT
DBRROLLBACK
ALERT
DBEBUILD
DBSESSION
?domEql
ISFUNCTION
DOSERRORMESSAGE
APPTYPE
_BREAK
ERRORLEVEL
TRIM
?floadTos
CONFIRMBOX
ROOTCRT
PADL
TONE
OUTERR
MSGBOX
TIME
VERSION
OS
VAR2CHAR
MLCOUNT
MEMOLINE
RTRIM

xbtbase2

MAXROW

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c1a1864fcab907d3bb21cadac3bacca

Headers

File Characteristics

Imports

xbtbase1

xpprt1

xbtbase2

Sections

.text Size: 196KB - Virtual size: 196KB

.data Size: 21KB - Virtual size: 21KB

.xpp Size: 2KB - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 196KB - Virtual size: 196KB

.data
Size: 21KB - Virtual size: 21KB

.xpp
Size: 2KB - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 7KB