4600225dd943e6a17938bef75258549922b165e9f8c177fe73a1f919b16fdd7d_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

4600225dd943e6a17938bef75258549922b165e9f8c177fe73a1f919b16fdd7d_NeikiAnalytics.exe
Size

358KB
MD5

26122182cdd2ed4e7d5372dc521adc50
SHA1

a5355f904a4fad5660201151961715a8490a4b0f
SHA256

4600225dd943e6a17938bef75258549922b165e9f8c177fe73a1f919b16fdd7d
SHA512

8b2b9952254ac8b3f0283d6e1b8016d0555b5a54219dc93943fb84eeb4cb4bb2b7bc8fa45c8965a38c8d608053e09ede1e183335ce64a7a0aabd449bcac49b71
SSDEEP

6144:TeLFp/CfXcSCMvL1TNOcqz7eiRHZhO33PcE15PNBCkE9e/:M/CfXcuvLViRHZefLXPNsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4600225dd943e6a17938bef75258549922b165e9f8c177fe73a1f919b16fdd7d_NeikiAnalytics.exe

Files

4600225dd943e6a17938bef75258549922b165e9f8c177fe73a1f919b16fdd7d_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

f68df02926515b28da1ae5bf3a97c058

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\mast\Documents\Scope\FEIScopePlugin\ExeRelease\FEI-SEMserver.pdb

Imports

ws2_32

socket
bind
recv
WSACleanup
__WSAFDIsSet
htons
WSAGetLastError
select
WSAStartup
closesocket
send
setsockopt
accept
listen

kernel32

CreateFileA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeA
GetCommandLineA
GetFullPathNameA
RaiseException
VirtualAlloc
HeapSize
ExitProcess
VirtualFree
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetFileInformationByHandle
PeekNamedPipe
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
GetLocaleInfoW
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
FileTimeToSystemTime
lstrcmpA
GlobalGetAtomNameA
GetModuleHandleW
CompareStringA
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleHandleA
GetProcAddress
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
SetLastError
DeleteFileA
FindNextFileA
MoveFileA
LocalAlloc
FindClose
GetLastError
FindFirstFileA
MultiByteToWideChar
FormatMessageA
GetTickCount
InterlockedDecrement
InterlockedIncrement
lstrlenA
CreateThread
ResumeThread
LocalFree
SetConsoleCtrlHandler
VerifyVersionInfoA
Sleep
VerSetConditionMask
CloseHandle
GetExitCodeThread
TerminateThread
WaitForSingleObject
CreateFileW
RtlUnwind

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ClientToScreen
SetWindowTextA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
MessageBoxA
AdjustWindowRectEx

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
ExtTextOutA
SetViewportOrgEx
SelectObject
Escape
TextOutA
DeleteObject
SetBkColor
SetTextColor
GetClipBox
SetViewportExtEx
CreateBitmap
GetDeviceCaps
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
OffsetViewportOrgEx

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

ole32

CLSIDFromProgID
CLSIDFromString
CoInitializeEx
OleRun
CoCreateInstance

oleaut32

VariantChangeType
SysStringLen
VariantClear
SafeArrayAccessData
SafeArrayDestroy
SafeArrayGetVartype
SafeArrayUnaccessData
SysFreeString
SafeArrayGetUBound
VariantInit
GetErrorInfo
SysAllocString

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f68df02926515b28da1ae5bf3a97c058

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

gdi32

winspool.drv

ole32

oleaut32

oleacc

Sections

.text Size: 257KB - Virtual size: 257KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 13KB - Virtual size: 30KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 257KB - Virtual size: 257KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 13KB - Virtual size: 30KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 36KB - Virtual size: 35KB