98c90638cb9853a56b6032e10607092a9c905144e705796ea19c286003202861_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

98c90638cb9853a56b6032e10607092a9c905144e705796ea19c286003202861_NeikiAnalytics.exe
Size

406KB
MD5

d1172c5970b1e4f40d3d59fad2113cf0
SHA1

217e1ec4f675b7ea35c118aeba3faf745535ea92
SHA256

98c90638cb9853a56b6032e10607092a9c905144e705796ea19c286003202861
SHA512

8763ca222e8912506f99381c68c4b5f3ca6fea4befdfa12a56a1cab13bde033f6719e56ffe142bb232acbe14b1acfc4b564ae39c2df6500004e71275cfb818ba
SSDEEP

12288:smGgG/lyKU1HvnE1TMdMcg92TQ49GKNyNzC+:smGgGdM1Ns4QKNyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98c90638cb9853a56b6032e10607092a9c905144e705796ea19c286003202861_NeikiAnalytics.exe

Files

98c90638cb9853a56b6032e10607092a9c905144e705796ea19c286003202861_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

354d2f1c0895eacf7ce6c57f4399d7bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\ade\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u241\331\build\windows-i586\deploy\tmp\javacpl\obj\javacpl.pdb

Imports

user32

MessageBoxA
CloseDesktop
OpenInputDesktop
LoadStringA
wsprintfA
GetShellWindow
GetWindowThreadProcessId

kernel32

HeapAlloc
LoadLibraryW
CompareStringW
FlushFileBuffers
WriteConsoleW
GetProcAddress
GetModuleHandleA
InterlockedIncrement
GlobalMemoryStatusEx
GetVersionExA
VerifyVersionInfoA
VerSetConditionMask
GetCurrentProcess
GetNativeSystemInfo
CloseHandle
GlobalFree
LocalFree
GlobalAlloc
GetLastError
CreateFileA
LoadLibraryA
GetSystemDirectoryA
FreeLibrary
CreateProcessA
WaitForSingleObject
lstrlenA
GetEnvironmentVariableA
GetWindowsDirectoryA
LocalAlloc
FormatMessageA
WTSGetActiveConsoleSessionId
GetLongPathNameA
GetShortPathNameA
GetModuleFileNameA
InterlockedDecrement
GetTempPathA
GetLocalTime
OpenProcess
lstrcatA
SetEvent
OpenEventA
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
InterlockedExchange
ReadFile
GetProcessHeap
SetEndOfFile
SetFilePointer
MultiByteToWideChar
WideCharToMultiByte
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
RtlUnwind
GetDriveTypeW
FindFirstFileExW
HeapFree
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
DecodePointer
GetCommandLineA
GetConsoleMode
EncodePointer
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
LCMapStringW
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetCurrentDirectoryW
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetFullPathNameW
CreateFileW
InitializeCriticalSectionAndSpinCount
HeapCreate
HeapDestroy
ExitProcess
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetStartupInfoW
SetEnvironmentVariableW
SetEnvironmentVariableA
Sleep
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
WriteFile
GetModuleFileNameW
HeapSize
GetStringTypeW
SetStdHandle
GetConsoleCP
HeapReAlloc

ole32

StringFromCLSID
CoTaskMemFree

oleaut32

SysAllocStringByteLen
SysStringLen
SysAllocString
SysFreeString
VariantClear

Exports

Exports

CPlApplet
DllMain

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 254KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

354d2f1c0895eacf7ce6c57f4399d7bb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 254KB - Virtual size: 256KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 254KB - Virtual size: 256KB