Sample: 1d5d80353be7dbfd0d8d058ca2cf143a18b78b99a5f3b992e3f51db10244bea0_NeikiAnalytics.exe
Resource: win7-20240221-en
General
Target: 1d5d80353be7dbfd0d8d058ca2cf143a18b78b99a5f3b992e3f51db10244bea0_NeikiAnalytics.exe
Size: 300KB
MD5: 876278ff3f0c2c1d9d633fe0ad7299b0
SHA1: 004938da9b137c0c17f463a67a13b536e161e269
SHA256: 1d5d80353be7dbfd0d8d058ca2cf143a18b78b99a5f3b992e3f51db10244bea0
SHA512: ace121bc0112139207863f8c0f4c19c023c13062c499bbec9c3dbb91f81eec60372b11ee0d69ac5c4538e0caa43630d28761727e4c4b5422e78fe4fb5ef422a1
SSDEEP: 3072:XFbkj36oibMviB1pIc9f7PnAnmmONth+0aubiLo/AS31go0wVZZMJURPybPf/PS9:XFA6EknZ7PAmnWkl+PP2CQwguiNS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1d5d80353be7dbfd0d8d058ca2cf143a18b78b99a5f3b992e3f51db10244bea0_NeikiAnalytics.exe
Files
1d5d80353be7dbfd0d8d058ca2cf143a18b78b99a5f3b992e3f51db10244bea0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
8ef7c38face42cd028259ca5a61adfe9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CLSIDFromString
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
user32
GetDC
MsgWaitForMultipleObjects
GetInputState
GetWindowRect
PrintWindow
ReleaseDC
IsWindow
LoadImageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
ClientToScreen
GetClientRect
IsWindowVisible
IsIconic
EnumDisplaySettingsA
DrawIconEx
FillRect
kernel32
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
CreateWaitableTimerA
SetWaitableTimer
CloseHandle
CreateFileA
DeviceIoControl
GetVolumeInformationA
RtlMoveMemory
GetProcessHeap
HeapAlloc
RtlFillMemory
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpyn
GlobalSize
GetStringTypeA
MultiByteToWideChar
lstrlenW
GetTempPathW
WideCharToMultiByte
GetModuleHandleA
ExitProcess
HeapReAlloc
HeapFree
IsBadReadPtr
GetTickCount
WriteFile
SetFilePointer
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
LCMapStringW
SetStdHandle
RaiseException
FlushFileBuffers
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GlobalFree
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
GetStartupInfoA
gdi32
SetPixelV
GetPixel
CreateSolidBrush
GdiFlush
BitBlt
CreateDIBSection
GetDIBits
GetObjectA
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetDIBitsToDevice
gdiplus
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipSaveImageToStream
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
shell32
SHGetSpecialFolderPathW
oleaut32
OleLoadPicture
VariantTimeToSystemTime
shlwapi
PathFileExistsA
Sections
.text Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 152KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE