738483be3a8a961862ba8d045eb936fe1e40bf5accabfdd1c2a3db1a0e891189_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

738483be3a8a961862ba8d045eb936fe1e40bf5accabfdd1c2a3db1a0e891189_NeikiAnalytics.exe
Size

236KB
MD5

ebd46795866e4a94c5d0a1e09c15ada0
SHA1

397d1ee0ad85f3cc20679c08e198d8ec84b434b0
SHA256

738483be3a8a961862ba8d045eb936fe1e40bf5accabfdd1c2a3db1a0e891189
SHA512

7f6705836105de14eb786f3ce062686577c092a06f6471adeebe715400339c1976643ff8194bbbf751dcc7c33e3ebc68bcc1a2d6508b70f4f7363324cdd8e4ff
SSDEEP

1536:8D6YhT7lKlDau2flaLoRMtrXC2gyYy5cOwCI02JM0YeaYuUjlRNEs:8D5hT7lKb2fldRMtyyYyzwCv2gs3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
738483be3a8a961862ba8d045eb936fe1e40bf5accabfdd1c2a3db1a0e891189_NeikiAnalytics.exe

Files

738483be3a8a961862ba8d045eb936fe1e40bf5accabfdd1c2a3db1a0e891189_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

441ae27e83ab37874d41564217733297

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

icwconn1.pdb

Imports

msvcrt

swscanf
free
malloc
_vsnwprintf
_except_handler3
_wmakepath
_wsplitpath
??3@YAXPAX@Z
memmove
_wtoi
??2@YAPAXI@Z
setlocale

advapi32

RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyW
RegCloseKey

kernel32

GetLastError
GetModuleHandleW
CloseHandle
CreateFileW
GetFileAttributesW
lstrlenW
GetProcAddress
GlobalAlloc
CreateProcessW
LoadLibraryW
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetPrivateProfileIntW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetCurrentDirectoryW
LocalFree
LocalAlloc
LoadLibraryA
FreeLibrary
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
GlobalFree
SetErrorMode
GetCommandLineW
ExitProcess
CreateFileMappingW
InterlockedIncrement
InterlockedDecrement
FormatMessageW
MulDiv
GetCurrentProcess
GetVersionExW
TerminateProcess
GetExitCodeThread
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetSystemDirectoryW
lstrcatW
SearchPathW
GetPrivateProfileStringW
lstrcmpiW
lstrcpyW
lstrcpynW

gdi32

GetDeviceCaps
StretchBlt
BitBlt
SetTextColor
SetBkColor
GetTextMetricsW
SetMapMode
GetMapMode
CreateBitmap
DPtoLP
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteDC
GetStockObject
SetBkMode
DeleteObject
GetObjectW
CreateFontIndirectW

user32

GetClassInfoW
SendMessageW
CallWindowProcW
SetWindowLongW
MessageBoxW
wsprintfW
LoadStringW
TranslateAcceleratorW
GetWindowLongW
DispatchMessageW
TranslateMessage
DestroyWindow
GetMessageW
DialogBoxParamW
GetSysColor
GetDlgItem
MoveWindow
GetSystemMetrics
GetWindowRect
CheckRadioButton
EndDialog
IsDlgButtonChecked
GetDlgCtrlID
GetDC
WaitMessage
PeekMessageW
LoadStringA
LoadImageW
LoadAcceleratorsW
ReleaseDC
SetMessageQueue
BringWindowToTop
SetForegroundWindow
GetLastActivePopup
FindWindowW
PostMessageW
ShowWindow
GetParent
CharNextW
CharPrevW
SetWindowTextW
SetWindowPos
EnableWindow
MsgWaitForMultipleObjects
CheckDlgButton
GetWindowTextW
DefWindowProcW
FillRect
GetClientRect
GetSysColorBrush
LoadCursorW
SetCursor
ExitWindowsEx
SendDlgItemMessageW
UpdateWindow
MapWindowPoints
InvalidateRect
IsRectEmpty
GetUpdateRect
IsWindowVisible
EnumThreadWindows
GetFocus
SetFocus
IsWindowEnabled
GetWindow
EnumChildWindows
RegisterClassExW
CreateWindowExW
CreateDialogParamW
GetDesktopWindow
MessageBeep
IsChild
GetNextDlgTabItem
LoadIconW
PostQuitMessage
DrawFocusRect
InflateRect
OffsetRect
CopyRect
DrawTextW
RedrawWindow
EndPaint
DrawEdge
BeginPaint
DrawIcon
RegisterClassW
UnregisterClassW

shell32

SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

shlwapi

PathIsFileSpecW
PathIsURLW

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

441ae27e83ab37874d41564217733297

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 5KB - Virtual size: 10KB

.rsrc Size: 170KB - Virtual size: 171KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 5KB - Virtual size: 10KB

.rsrc
Size: 170KB - Virtual size: 171KB