373726c95f9ba78567e94a7d93dd8e1b68ace127a120e4088faf2feebbe3939c_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

373726c95f9ba78567e94a7d93dd8e1b68ace127a120e4088faf2feebbe3939c_NeikiAnalytics.exe
Size

688KB
MD5

77fb1cc771d6270e6abfcd63eb7ecfe0
SHA1

2574c19c1fa9444334c69df0e61ed8efdfab72be
SHA256

373726c95f9ba78567e94a7d93dd8e1b68ace127a120e4088faf2feebbe3939c
SHA512

dfe77c8e8581e8de1d83b09b982d27801005b5e867cb45fb8f3884896641b4e1a315574084974f645e1c37ac5f1bd9cf832278758ca261a48b4459815e880206
SSDEEP

12288:30bymZIu339oerpsaA3R8qNfXqiz0KHOyfgnTeIOJGpAaQTCVcXz73hJPQ:kWmL36SSfXRRHOyfUeIOJGpAaQTCVcXn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
373726c95f9ba78567e94a7d93dd8e1b68ace127a120e4088faf2feebbe3939c_NeikiAnalytics.exe

Files

373726c95f9ba78567e94a7d93dd8e1b68ace127a120e4088faf2feebbe3939c_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

36f5a04339bd95566c8f9e8c8b481f2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMenu
EnableMenuItem
IsRectEmpty
wsprintfA
CharUpperA
GetWindowTextA
FindWindowA
EnumChildWindows
SendMessageTimeoutA
IsWindowEnabled
SetMenuItemInfoA
RemoveMenu
SetTimer
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
GetClassNameA
LoadBitmapA
SetMenu
TrackPopupMenu
GetMenuItemInfoA
InsertMenuItemA
ModifyMenuA
CreatePopupMenu
CreateMenu
ScreenToClient
WindowFromPoint
SetCapture
EnableScrollBar
ShowScrollBar
MapWindowPoints
DrawMenuBar
GetWindowDC
CreateIconIndirect
GetComboBoxInfo
SetScrollRange
DestroyIcon
GetClassLongA
SetClassLongA
SetWindowTextA
EnableWindow
IntersectRect
RedrawWindow
IsZoomed
MessageBoxA
DestroyMenu
MessageBoxIndirectA
GetDlgItem
GetScrollInfo
CopyRect
CreateDialogParamA
PostQuitMessage
GetUpdateRect
DrawTextA
LoadImageA
GetIconInfo
LoadIconA
RegisterClassExA
AdjustWindowRect
GetKeyState
ReleaseCapture
GetFocus
GetParent
KillTimer
SetScrollPos
IsWindowVisible
CallWindowProcA
DrawFrameControl
InflateRect
DrawIconEx
DrawFocusRect
FrameRect
BeginPaint
EndPaint
RealChildWindowFromPoint
GetSysColor
SetRect
PostMessageA
DefWindowProcA
GetSystemMetrics
CreateWindowExA
SetWindowLongA
SystemParametersInfoA
ClientToScreen
SetCursorPos
LoadCursorA
SetCursor
SetScrollInfo
ScrollWindowEx
CreateCaret
UpdateWindow
DestroyCaret
DestroyWindow
InvalidateRect
ValidateRect
ShowWindow
HideCaret
FillRect
SetWindowPos
ValidateRgn
SendMessageA
SetFocus
DispatchMessageA
DrawTextExA
GetScrollBarInfo
RegisterClassA
OemToCharA
keybd_event
GetMenuCheckMarkDimensions
TranslateMessage
GetMessageA
PeekMessageA
GetClientRect
GetWindowRect
MoveWindow
SetCaretPos
ShowCaret
GetWindowLongA
GetDC
ReleaseDC
InvalidateRgn

kernel32

GetDriveTypeA
FindClose
FileTimeToLocalFileTime
FindFirstFileA
lstrcpyA
GetFullPathNameA
SetEndOfFile
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
RaiseException
LCMapStringW
LCMapStringA
FlushFileBuffers
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
MoveFileA
RtlUnwind
SetConsoleCtrlHandler
HeapAlloc
HeapReAlloc
TerminateProcess
HeapFree
GetTimeZoneInformation
ExitProcess
GetVersion
GetStartupInfoA
SetFilePointerEx
GetTempFileNameA
GetTempPathA
DeleteFileA
GetSystemDirectoryA
GetLastError
CreateProcessA
Sleep
Beep
CloseHandle
CreateFileA
SetEnvironmentVariableA
GetTickCount
GetSystemTime
GetProcAddress
LoadLibraryA
GetVersionExA
GetCurrentProcess
WriteFile
GetCommandLineA
GetModuleHandleA
SetCurrentDirectoryA
GetCurrentDirectoryA
MulDiv
GetLocalTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetExitCodeProcess
WaitForSingleObject
CreatePipe
MultiByteToWideChar
FileTimeToSystemTime
GetFileTime
CreateMutexA
ExitThread
CreateThread
ReleaseMutex
SetThreadPriority
GetThreadPriority
GetCurrentThread
ReadFile
GetFileAttributesA
GetModuleFileNameA
GetFileAttributesExA
DeviceIoControl
WaitNamedPipeA
SetFilePointer
GetFileSize
LockFile
UnlockFile
GetFileInformationByHandle
GetEnvironmentVariableA
GlobalReAlloc
lstrcmpiA
SetEnvironmentVariableW
GetProfileStringA
CreateDirectoryA
RemoveDirectoryA
WideCharToMultiByte
GetCurrentProcessId

comctl32

ImageList_ReplaceIcon
ImageList_Add
_TrackMouseEvent
ord17
InitCommonControlsEx
ImageList_Create

gdi32

Rectangle
AbortDoc
CreateDCA
StartDocA
StartPage
EndDoc
EndPage
SetAbortProc
SetStretchBltMode
StretchDIBits
GetStockObject
GetDIBits
GetSystemPaletteEntries
EndPath
StrokePath
StrokeAndFillPath
BeginPath
Arc
Pie
Ellipse
GetBkColor
SetPixel
SelectPalette
RealizePalette
CreateDIBitmap
CreatePalette
CreatePatternBrush
GetPixel
CreateDIBSection
CreateBrushIndirect
GetBkMode
GetObjectA
ExtTextOutA
BitBlt
StretchBlt
SetBkMode
GetTextColor
RectVisible
TextOutA
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
GetMapMode
SetMapMode
SetBkColor
SetTextColor
CreateSolidBrush
GetDeviceCaps
CreatePen
SetROP2
MoveToEx
LineTo
GetTextExtentPoint32A
GetCurrentObject
SelectObject
GetTextMetricsA
DeleteObject
CreateFontIndirectA
CreateFontA

gdiplus

GdipCreateBitmapFromFileICM
GdipFree
GdipCloneImage
GdipCreateBitmapFromFile
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipGetImageWidth
GdiplusShutdown
GdipAlloc
GdipGetImageThumbnail
GdipDisposeImage
GdipGetImageHeight

comdlg32

PrintDlgExA
ChooseFontA
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegSetValueExA
GetTokenInformation
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeNameA
RegQueryInfoKeyA
GetUserNameA

shell32

SHGetDesktopFolder
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

OleLoadPicture

wsock32

WSAStartup
WSACleanup
gethostname

winspool.drv

DocumentPropertiesA
ClosePrinter
EnumPrintersA
OpenPrinterA
GetPrinterA

wininet

InternetWriteFile
InternetQueryDataAvailable
InternetReadFile
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
FtpGetFileA
InternetCloseHandle

Sections

.text
Size: 616KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 19.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36f5a04339bd95566c8f9e8c8b481f2d

Headers

File Characteristics

Imports

user32

kernel32

comctl32

gdi32

gdiplus

comdlg32

advapi32

shell32

ole32

oleaut32

wsock32

winspool.drv

wininet

Sections

.text Size: 616KB - Virtual size: 613KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 52KB - Virtual size: 19.3MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 616KB - Virtual size: 613KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 52KB - Virtual size: 19.3MB

.rsrc
Size: 4KB - Virtual size: 3KB