1b7807227dbdaa77a44096ed00f307ad789fb962fd4542d1c58b61ef689aa5ca_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1b7807227dbdaa77a44096ed00f307ad789fb962fd4542d1c58b61ef689aa5ca_NeikiAnalytics.exe
Size

152KB
MD5

b95772700f07ffb0307b41546d560ec0
SHA1

9da061e501766be7240eabc9613015befbdecc1f
SHA256

1b7807227dbdaa77a44096ed00f307ad789fb962fd4542d1c58b61ef689aa5ca
SHA512

25ebe4a36dd19201929f75bbeb3bec65e3c8eec6376643be5a92c012705b780c9584b6b6a7aa6539a84e6659e7d325b28f7345df41b989810465e07d1e6bd3c1
SSDEEP

3072:+PhStnUZU6z+U6WGQ3T0zKgc0ndea/JYozT6jBuE:+pSnG+U6WGQ1gdndxT6FP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7807227dbdaa77a44096ed00f307ad789fb962fd4542d1c58b61ef689aa5ca_NeikiAnalytics.exe

Files

1b7807227dbdaa77a44096ed00f307ad789fb962fd4542d1c58b61ef689aa5ca_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

425fb424dc918ee2f655b592480df637

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
CloseHandle
CreateFileA
WriteFile
GlobalDeleteAtom
GlobalAddAtomA
GetProfileIntA
OutputDebugStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetStringTypeW
GetStringTypeA
SetFilePointer
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
FormatMessageA
SetHandleCount
GetCurrentProcess
TerminateProcess
GetProcAddress
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
GetUserDefaultLangID
lstrlenW
lstrlenA
IsBadCodePtr
Sleep
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleHandleA
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetVersion
GetCommandLineA
HeapReAlloc
WideCharToMultiByte
LocalFree
AddAtomA
DeleteAtom
GetLastError
GetVersionExA
GetModuleFileNameA
IsBadReadPtr
GetTickCount
GetStdHandle
SetLastError
RtlUnwind
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar

user32

BringWindowToTop
SendMessageA
GetDesktopWindow
LoadIconA
GetWindowLongA
LoadStringA
RegisterWindowMessageA
WinHelpA
DestroyWindow
IsWindow
GetDlgItem
MessageBeep
SetDlgItemTextA
GetWindow
CreateDialogParamA
DialogBoxParamA
GetDlgCtrlID
CallWindowProcA
InvalidateRect
ShowWindow
SetWindowLongA
GetWindowRect
SetWindowPos
SetWindowTextA
SetTimer
KillTimer
EndDialog
GetParent

gdi32

GetObjectA
CreateFontIndirectA
DeleteObject

winspool.drv

OpenPrinterW
SetJobW
ClosePrinter

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wsock32

WSAGetLastError
send
recv
inet_ntoa

Exports

Exports

DCLCloseIPAddress
DCLGetSocketHandle
DCLInitializeV2
DCLSetIPAddress
DCLSetPrintingFromNetwork
DCLSetSocketHandle
DCLTerminateV2
InitializeMonitorEx
InitializePNP_ID

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

425fb424dc918ee2f655b592480df637

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

version

wsock32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 36KB - Virtual size: 33KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 36KB - Virtual size: 33KB

.reloc
Size: 8KB - Virtual size: 6KB