1bb7dfbf96e835f692827c3dfc8d4c59ac8a3de34caa3c8288e68d8d69a37a4d_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1bb7dfbf96e835f692827c3dfc8d4c59ac8a3de34caa3c8288e68d8d69a37a4d_NeikiAnalytics.exe
Size

937KB
MD5

31c936de4b24b16b3b626e39c1e19030
SHA1

e6b4a27511763273a04efb77c6008a575f0a6399
SHA256

1bb7dfbf96e835f692827c3dfc8d4c59ac8a3de34caa3c8288e68d8d69a37a4d
SHA512

13867d397dd9cf66bac35b81fe385121e8eec641eeab150369fc54ba97da24f3dd470b8b84ae00c104c8f395a4948c0cf51f9ba63edf547645db60291068ea2b
SSDEEP

6144:F/p+0L7JyKW+Z29zZuBa3eSgbnZirbfiUB2MI3:FRFL74KV291uE3ngbnZ43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bb7dfbf96e835f692827c3dfc8d4c59ac8a3de34caa3c8288e68d8d69a37a4d_NeikiAnalytics.exe

Files

1bb7dfbf96e835f692827c3dfc8d4c59ac8a3de34caa3c8288e68d8d69a37a4d_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

9e1fdfeb5c4aa11d1c99573094940e85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
RaiseException
GetTimeZoneInformation
GetCommandLineA
GetSystemTime
GetLocalTime
GetACP
TerminateProcess
HeapAlloc
GetStartupInfoA
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
UnhandledExceptionFilter
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetOEMCP
FindResourceExA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
RtlUnwind
HeapReAlloc
HeapFree
GetFileSize
GetFileTime
GetFileAttributesA
GetTickCount
GetVolumeInformationA
GetFullPathNameA
DeleteFileA
FindFirstFileA
FindClose
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
SetErrorMode
GetCurrentProcess
DuplicateHandle
GetThreadLocale
SizeofResource
GetModuleHandleA
GetPrivateProfileStringA
GetLastError
MulDiv
GetTempPathA
lstrcatA
WritePrivateProfileStringA
GetProfileIntA
SearchPathA
FreeLibrary
LoadLibraryA
GetProcAddress
InterlockedDecrement
GetModuleFileNameA
lstrcpyA
GetVersionExA
GetSystemInfo
GetProfileStringA
GetProcessVersion
GetCPInfo
GlobalFlags
TlsSetValue
TlsGetValue
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
EnterCriticalSection
TlsAlloc
LocalAlloc
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
GetCurrentThread
LockResource
FindResourceA
LoadResource
GlobalGetAtomNameA
GetVersion
GetCurrentThreadId
GlobalFindAtomA
lstrcmpiA
GlobalAddAtomA
FileTimeToSystemTime
GlobalDeleteAtom
FileTimeToLocalFileTime
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
FormatMessageA
lstrcpynA
SetLastError
WideCharToMultiByte
LocalFree
MultiByteToWideChar
lstrlenW
InterlockedIncrement
lstrlenA
GetStringTypeW
lstrcmpA
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableA
IsDBCSLeadByte

user32

CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
DestroyMenu
GetDesktopWindow
PtInRect
GetClassNameA
GetSysColorBrush
SetWindowContextHelpId
GetMessageA
ValidateRect
GetCursorPos
PostQuitMessage
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
EndDialog
CreateDialogIndirectParamA
MapDialogRect
GetActiveWindow
GetAsyncKeyState
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
ShowWindow
MoveWindow
SetWindowTextA
IsWindowEnabled
InflateRect
LoadIconA
UpdateWindow
SendDlgItemMessageA
GetFocus
IsWindow
AdjustWindowRectEx
ScreenToClient
GetClientRect
CopyRect
IsWindowVisible
GetTopWindow
CopyAcceleratorTableA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
GetMenuItemCount
GetNextDlgGroupItem
SetRect
GetSysColor
MapWindowPoints
IsChild
GetSubMenu
GetMenuState
GetMenuItemID
LoadCursorA
InvalidateRect
SetCursor
SetWindowLongA
MessageBeep
LoadBitmapA
GetDC
ReleaseDC
LoadImageA
FillRect
MessageBoxA
DestroyWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetParent
PostMessageA
SetCapture
SetFocus
ReleaseCapture
SetActiveWindow
EnableWindow
SendMessageA
GetDlgItem
IsCharAlphaNumericA
IsCharAlphaA
LoadStringA
CharNextA
wsprintfA
ShowCaret
ExcludeUpdateRgn
UnregisterClassA
HideCaret
DefDlgProcA
DrawFocusRect
IsWindowUnicode

gdi32

ScaleWindowExtEx
IntersectClipRect
ScaleViewportExtEx
SetViewportExtEx
GetWindowExtEx
GetViewportExtEx
CreateSolidBrush
PtVisible
RectVisible
Escape
TextOutA
GetTextColor
GetBkColor
EnumFontFamiliesExA
OffsetViewportOrgEx
LPtoDP
SetMapMode
SetViewportOrgEx
CreateCompatibleDC
BitBlt
CreateDIBitmap
GetTextExtentPointA
SetWindowExtEx
SetBkMode
SelectObject
RestoreDC
DeleteDC
DPtoLP
SaveDC
ExtTextOutA
PatBlt
DeleteObject
CreateBitmap
SetBkColor
SetTextColor
GetMapMode
GetClipBox
CreateFontIndirectA
GetObjectA
EndDoc
AbortDoc
GetStockObject
StartPage
StartDocA
EndPage
GetTextMetricsA
GetDeviceCaps
CreateFontA

comdlg32

GetFileTitleA
PrintDlgA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shell32

FindExecutableA
ShellExecuteA

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

oledlg

ord8

ole32

CLSIDFromProgID
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance
OleRun
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
OleUninitialize

olepro32

ord253

oleaut32

VariantClear
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantCopy
VariantChangeType
SysAllocStringByteLen
SysAllocString
SysFreeString

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 605KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9e1fdfeb5c4aa11d1c99573094940e85

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 605KB - Virtual size: 605KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 605KB - Virtual size: 605KB