99da2a7f8a3d7332bcaa54c712965439334dc3bde0b1a8c7600f21658333d4e1_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

99da2a7f8a3d7332bcaa54c712965439334dc3bde0b1a8c7600f21658333d4e1_NeikiAnalytics.exe
Size

485KB
MD5

c2575fe25d5fe157d9f8991477bcd170
SHA1

709a56602edcc81716323f47e8f9e794ae9b440c
SHA256

99da2a7f8a3d7332bcaa54c712965439334dc3bde0b1a8c7600f21658333d4e1
SHA512

efc0004033330cafd5bd60c1a4eb291b3b9a6c5713355f6d7b289bb41c96e26bda3ca95739cdfd54111400553791edbe1aad03740b276150df8117c6485c509a
SSDEEP

6144:Ad48yHE+b43tWNMNo+G4CfsbCKEZuXMwiYni7opWeDfQFFsfMY+IRxwnQN:647/72fUzELnispWm4FmBFwQN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99da2a7f8a3d7332bcaa54c712965439334dc3bde0b1a8c7600f21658333d4e1_NeikiAnalytics.exe

Files

99da2a7f8a3d7332bcaa54c712965439334dc3bde0b1a8c7600f21658333d4e1_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

444178dd94e8a152423beced1aa22e52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
CloseHandle
GetModuleFileNameW
WriteFile
GetOEMCP
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
ReadConsoleW
GetProcessHeap
IsDebuggerPresent
GetUserDefaultLCID
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
CreateFileW
GetCommandLineA
FindClose
GetSystemTimeAdjustment
Sleep
GetCommState
SetDllDirectoryW
SetCommBreak
GetACP
GetTickCount
FreeLibrary
InitializeSListHead
EnterCriticalSection
GetCPInfo
GetLocaleInfoA
GetCommandLineW
ResetEvent
IsValidCodePage
RaiseException
IsValidLocale
TlsSetValue
SetCommTimeouts
GetModuleHandleExW
GetSystemDefaultLangID
EnumSystemLocalesW
CreateFileMappingA
GlobalUnlock
CompareStringW
GetSystemTimeAsFileTime
ConnectNamedPipe
GetEnvironmentStringsW
DeleteFileA
GetThreadTimes
FindFirstFileA
FlushFileBuffers
GetLocaleInfoW
WideCharToMultiByte
ExitProcess
HeapAlloc
EncodePointer
DecodePointer
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
GetCurrentThreadId
RtlUnwind

user32

CheckRadioButton
MessageBeep
UnionRect
EnableMenuItem
LoadCursorA
SetScrollInfo
RedrawWindow
GetSystemMenu
SetKeyboardState
EnumWindows
CreateDialogIndirectParamA
SetRect
GetWindowLongA
GetWindowThreadProcessId
SetTimer
ShowCursor
IsDlgButtonChecked
ValidateRgn
GetMessageTime
CreateDialogParamA
MsgWaitForMultipleObjects
DrawIconEx
DeleteMenu
SetParent
BeginPaint
GetKeyboardLayout
CheckMenuRadioItem
UnregisterClassA
SetClassLongA
ScrollWindow
SetWindowsHookExA
PostMessageA
ScrollWindowEx
GetCaretBlinkTime
ValidateRect
CheckMenuItem
CopyRect
DestroyWindow
SetCursor
GetDC
MessageBoxA
GetDesktopWindow
AppendMenuA

gdi32

SetWindowExtEx
SetStretchBltMode
GetMetaFileBitsEx
SetLayout
ExtTextOutA
RectVisible
PlayEnhMetaFile
Rectangle
SelectPalette
GetObjectW
GetTextExtentPointA
SetROP2
GetStockObject
GetWindowOrgEx
Arc
GetTextExtentPoint32A
SetTextColor
MaskBlt
SetDIBColorTable
CreatePalette
SelectClipRgn
PtInRegion
CreateCompatibleDC
GetNearestPaletteIndex
CreatePatternBrush
CreateFontA
StretchBlt
SetWinMetaFileBits
GetPaletteEntries

advapi32

AllocateAndInitializeSid
LookupPrivilegeValueW
RegOpenKeyExA
RegQueryValueExW
RegDeleteValueA
GetLengthSid

ole32

CoTaskMemFree

Sections

.text
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

444178dd94e8a152423beced1aa22e52

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 367KB - Virtual size: 366KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 19KB - Virtual size: 36KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 367KB - Virtual size: 366KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 19KB - Virtual size: 36KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 14KB