1a0542ce9fd80813b85d17a692a26858910d07b1ded5d2adf7b8b983df0d026a_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1a0542ce9fd80813b85d17a692a26858910d07b1ded5d2adf7b8b983df0d026a_NeikiAnalytics.exe
Size

1.1MB
MD5

8dae1d6959148f708e4f9e676d1ce880
SHA1

e4284578c475770142ff702cfe0555942b0e70fb
SHA256

1a0542ce9fd80813b85d17a692a26858910d07b1ded5d2adf7b8b983df0d026a
SHA512

3d937ad110d279d584a50e332dcf8df9e08c6c85a0025fceb3d33b74867067a6df0b1ded2c82cf261ffa890c9bcc30535ae8019b3fd1cbe2b48f35b4137cbfbf
SSDEEP

24576:gwyjcbxnxofN2w47maVe6FPiFrtmbl0fitGbna8FLk2m1X2D4brrv:gwSQxnxc27KFiPMQblI7a8K2mFhbrr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a0542ce9fd80813b85d17a692a26858910d07b1ded5d2adf7b8b983df0d026a_NeikiAnalytics.exe

Files

1a0542ce9fd80813b85d17a692a26858910d07b1ded5d2adf7b8b983df0d026a_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

67efd1d08a41f07b61c6e3dc7c87dbf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

t:\orgchart\x86\ship\0\orgchart.pdb

Imports

kernel32

IsDBCSLeadByteEx
GetFileSize
SetEndOfFile
SetErrorMode
GetAtomNameA
GetAtomNameW
AddAtomW
DeleteAtom
GetProfileIntA
GetUserDefaultLangID
LoadLibraryA
CreateFileA
GetModuleFileNameA
FindFirstFileA
FindClose
GetSystemDefaultLangID
GetDriveTypeA
GetCurrentDirectoryA
FormatMessageW
GetLastError
MultiByteToWideChar
GetTempPathA
GetTempFileNameA
GetProfileStringA
CompareStringA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
WideCharToMultiByte
lstrcmpiA
CloseHandle
DeleteFileA
SetFilePointer
ReadFile
WriteFile
GlobalHandle
GetTickCount
lstrlenA
GlobalFlags
FreeLibrary
LocalAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
VirtualProtect
GlobalReAlloc
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
RaiseException

gdi32

TextOutA
GetTextCharset
GetTextExtentPoint32A
ExtCreatePen
GetMapMode
SetMapMode
CreateICA
Escape
CreateBitmap
GetTextFaceA
CreateFontIndirectW
ExtTextOutA
CreateRectRgn
CreateMetaFileA
CloseMetaFile
CreateFontA
GetTextMetricsA
CreatePatternBrush
CreateCompatibleDC
OffsetRgn
SetStretchBltMode
TranslateCharsetInfo
DeleteDC
GetDIBits
GetDeviceCaps
GetPaletteEntries
StretchDIBits
SetMetaFileBitsEx
GetViewportOrgEx
SetTextAlign
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
PlayMetaFile
DeleteMetaFile
CreatePalette
CreateCompatibleBitmap
GetStockObject
GetWindowOrgEx
DeleteObject
RestoreDC
BitBlt
PatBlt
LineTo
MoveToEx
CreatePen
SetBkColor
SetTextColor
GetObjectA
SelectObject
SaveDC
IntersectClipRect
Arc
Polygon
DPtoLP
LPtoDP
PaintRgn
CreateRoundRectRgn
RoundRect
SetBkMode
CreateSolidBrush
InvertRgn
CreatePolygonRgn
GetNearestColor
ExcludeClipRect
Rectangle
SetWindowOrgEx
RealizePalette
SelectPalette
GetTextExtentPointA
Polyline
SetROP2
GetROP2
SetPolyFillMode
SelectClipRgn
SetDIBits

user32

GetScrollPos
GetMessageTime
ScrollWindow
GetDlgItem
SetDlgItemInt
GetDlgItemInt
EndDialog
DialogBoxParamW
FrameRect
ScreenToClient
GetClassNameA
GetActiveWindow
GetWindowTextW
DeleteMenu
AppendMenuA
GetWindowPlacement
EqualRect
GetMessagePos
RegisterClassExA
LoadImageA
LoadIconA
GetMenuItemID
ModifyMenuA
GetSystemMetrics
GetMenuStringW
LoadMenuA
DestroyMenu
RemoveMenu
SendMessageW
CreateWindowExW
RegisterClipboardFormatA
SetDlgItemTextW
GetDlgItemTextW
LoadAcceleratorsA
SetWindowTextW
GetWindowTextA
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
EnableWindow
ModifyMenuW
GetMenuState
GetCursorPos
GetMenuCheckMarkDimensions
LoadStringA
LoadBitmapA
CharNextA
SetScrollInfo
GetScrollInfo
GetScrollRange
GetUpdateRect
KillTimer
SetTimer
GetCaretBlinkTime
IsWindowEnabled
GetClipboardOwner
GetKeyboardLayout
GetKeyState
GetClientRect
InvertRect
InflateRect
ReleaseDC
GetDC
InvalidateRect
EmptyClipboard
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetWindowLongA
CopyRect
SendMessageA
GetParent
FillRect
SetRect
DestroyWindow
CreateWindowExA
OffsetRect
IsWindowVisible
GetWindow
UpdateWindow
CheckRadioButton
CheckMenuItem
PtInRect
IntersectRect
GetMenu
GetMenuItemCount
DrawMenuBar
FindWindowA
BringWindowToTop
GetMessageA
TranslateMDISysAccel
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
IsIconic
SetWindowPos
PostQuitMessage
SetForegroundWindow
GetDlgCtrlID
GetDoubleClickTime
MessageBeep
DefMDIChildProcA
EnableMenuItem
ClientToScreen
GetSubMenu
TrackPopupMenu
PeekMessageA
SetCursor
LoadStringW
MessageBoxW
SetScrollPos
GetFocus
ShowWindow
ValidateRect
GetWindowRect
MoveWindow
GetClipboardData
UnionRect
LoadCursorA
RegisterClassA
DefWindowProcA
SetWindowLongA
ReleaseCapture
SetFocus
SetCapture
PostMessageA
BeginPaint
EndPaint
DrawFocusRect
IsDlgButtonChecked
GetSysColor
DefFrameProcA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

OleBuildVersion
OleInitialize
CoRegisterClassObject
CreateItemMoniker
CreateGenericComposite
CreateFileMoniker
CoGetMalloc
CoRevokeClassObject
OleUninitialize
CreateOleAdviseHolder
CreateDataAdviseHolder
ReleaseStgMedium
OleRegEnumFormatEtc
WriteClassStg
WriteFmtUserTypeStg
GetRunningObjectTable
CoDisconnectObject
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleFlushClipboard
OleSetClipboard

msvcr80

_controlfp_s
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
atof
atoi
toupper
rename
_stricmp
_strnicmp
_splitpath_s
_vsnprintf
__argc
__argv
memchr
strftime
_time64
_localtime64_s
memset
_CIasin
_CIatan2
_CIcos
_CIsin
_CIsqrt
memmove
_invoke_watson

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comctl32

ord17

shell32

SHGetFolderPathA

Sections

.text
Size: 462KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 588KB - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67efd1d08a41f07b61c6e3dc7c87dbf0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

advapi32

ole32

msvcr80

winspool.drv

comctl32

shell32

Sections

.text Size: 462KB - Virtual size: 461KB

.data Size: 2KB - Virtual size: 139KB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 588KB - Virtual size: 592KB

.text
Size: 462KB - Virtual size: 461KB

.data
Size: 2KB - Virtual size: 139KB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 588KB - Virtual size: 592KB