82f87734197909892abb60df728757ff4c395ee4ae6cb02c196acc7a3666ebc9_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

82f87734197909892abb60df728757ff4c395ee4ae6cb02c196acc7a3666ebc9_NeikiAnalytics.exe
Size

39KB
MD5

2f999f4a552a020e0bcf563447d36a80
SHA1

61d9e5bed906cc85fafee34cc575775af420b1fc
SHA256

82f87734197909892abb60df728757ff4c395ee4ae6cb02c196acc7a3666ebc9
SHA512

b582cb1858351311fc6f4c4950d54beebfd48806daa31513bd57cc63468540fcfeea1dc36e1ebbea827a62f9a175fe6c943b2ce00992544b1a1de652b963d01b
SSDEEP

768:14bP+elAO5VW4XBVvSFXhHdlwfomQTaQlMMMMMMMMMMMMuUrmlee1ZPsMJe2bJP:ubP9lAO5Q4XB9SFtw/QeQlMMMMMMMMMD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82f87734197909892abb60df728757ff4c395ee4ae6cb02c196acc7a3666ebc9_NeikiAnalytics.exe

Files

82f87734197909892abb60df728757ff4c395ee4ae6cb02c196acc7a3666ebc9_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

bc3712e46438c80e8e85387b5d6a1d43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

strcmp
strchr
_isctype
longjmp
malloc
free
remove
fprintf
_iob
memcpy
strncpy
strlen
sprintf
strrchr
_exit
_XcptFilter
exit
_acmdln_dll
_initterm
__GetMainArgs
_commode_dll
_fmode_dll
_global_unwind2
_local_unwind2
memcmp
_mkdir
_chdir
memset
strcpy
_memicmp
strcat
_strnicmp

user32

SetDlgItemTextA
EndDialog
FindWindowA
SetWindowLongA
DefWindowProcA
GetWindowWord
GetSysColor
InvalidateRect
BeginPaint
EndPaint
GetClientRect
SetRect
LoadCursorA
RegisterClassA
SetCursor
SendMessageA
CharToOemA
TranslateMessage
EnableWindow
SetWindowTextA
GetDlgItemTextA
wvsprintfA
DialogBoxParamA
CreateDialogParamA
ShowWindow
UpdateWindow
GetDlgItem
SendDlgItemMessageA
DestroyWindow
PostMessageA
MessageBoxA
PeekMessageA
DispatchMessageA
GetWindowRect
GetSystemMetrics
SetWindowPos
wsprintfA
LoadStringA
IsCharAlphaNumericA
OemToCharA

kernel32

GetPrivateProfileStringA
WinExec
GetVolumeInformationA
GetTickCount
WritePrivateProfileStringA
MoveFileA
GetVersion
GetStartupInfoA
DosDateTimeToFileTime
LocalFileTimeToFileTime
_llseek
DeleteFileA
GlobalAlloc
GetFullPathNameA
_lcreat
_lwrite
GlobalLock
GlobalUnlock
GlobalFree
GlobalHandle
GetProfileStringA
lstrcmpiA
lstrcpyA
SetFileTime
GetFileTime
FindClose
FindFirstFileA
_lclose
_lopen
lstrcatA
GetModuleFileNameA
GetModuleHandleA
lstrlenA
_lread

gdi32

SetBkColor
SetTextColor
GetTextExtentPointA
ExtTextOutA
GetBkColor
SetTextAlign

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegSetValueA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc3712e46438c80e8e85387b5d6a1d43

Headers

File Characteristics

Imports

crtdll

user32

kernel32

gdi32

advapi32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 38KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 14KB - Virtual size: 16KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 38KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 14KB - Virtual size: 16KB