148a1c6efb9612913266b0e70313af713d8bbdbf367ad9c221c749a84a2075e0_NeikiAnalytics[.]exe

General

Target

148a1c6efb9612913266b0e70313af713d8bbdbf367ad9c221c749a84a2075e0_NeikiAnalytics.exe
Size

164KB
MD5

6806f6b3ca292cce998429fd83408840
SHA1

cd1c38312859e4be3c3ce24aa7a936fedf14e1f3
SHA256

148a1c6efb9612913266b0e70313af713d8bbdbf367ad9c221c749a84a2075e0
SHA512

398e9ccb6f149761e5d74cad36b576185e211702fdab285e4d8bdbd63a5e20af9fb6eaa567a4fe1f5ec6ff922629b671b0e309ae494c3ec565735fdb60bca55c
SSDEEP

3072:5TlrsNA1N6OmIl6K9cAYfl0gU09/in1FJDlHD4z8e+Hdkkkkckkkkbkkkhkkd09z:zYN26OmIl6Kkfn/in1XDpD4zekkkkcko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
148a1c6efb9612913266b0e70313af713d8bbdbf367ad9c221c749a84a2075e0_NeikiAnalytics.exe

Files

148a1c6efb9612913266b0e70313af713d8bbdbf367ad9c221c749a84a2075e0_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

6ab5b7a1d44c58f5e1f1ab5700a5a932

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
lstrcpyA
lstrcmpA
lstrcmpiA
lstrcatA
CloseHandle
ReadFile
CreateFileA
WriteFile
DeleteFileA
SetEndOfFile
GetFileSize
GetTickCount
WaitForSingleObject
ResetEvent
lstrcpynA
CreateEventW
SetEvent
GetModuleFileNameW
SleepEx
lstrcmpW
Sleep

user32

SendMessageA
wsprintfA
MessageBoxW
DefWindowProcW
DestroyWindow
SetFocus
ShowWindow
SendDlgItemMessageA
SendDlgItemMessageW
CreateDialogParamW
GetSystemMetrics
LoadImageW
GetDlgItem
EnableWindow
SetForegroundWindow
CheckDlgButton
SetDlgItemInt
GetDlgItemInt
GetWindowLongW
SendMessageW
GetParent
GetFocus
SetWindowLongW
SetDlgItemTextA
GetDlgItemTextA
IsDlgButtonChecked
MessageBoxA

wsock32

gethostbyname
inet_addr

msvcrt

_strlwr
_strdup
_adjust_fdiv
_initterm
strcmp
_strnicmp
strcpy
strlen
_access
_stat
sscanf
strrchr
memcmp
time
__mb_cur_max
_isctype
_pctype
strstr
sprintf
atol
_itoa
atoi
_errno
strerror
malloc
strtol
memcpy
memset
free
strncpy
strncmp
realloc
_vsnprintf
strchr
calloc
_snprintf

Exports

Exports

Load
MirandaPluginInfoEx
MirandaPluginInterfaces
Unload

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ab5b7a1d44c58f5e1f1ab5700a5a932

Headers

File Characteristics

Imports

kernel32

user32

wsock32

msvcrt

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 24KB - Virtual size: 22KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 12KB - Virtual size: 8KB