6e8eb5e9d3c0d4ab46cf9a1e80a52f3c376e2527d0df1dd39a9ef566718da122_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6e8eb5e9d3c0d4ab46cf9a1e80a52f3c376e2527d0df1dd39a9ef566718da122_NeikiAnalytics.exe
Size

2.2MB
MD5

56f65291b8a905a41d6138e538267070
SHA1

693e750b21f88be00de34ead986959edfa9e98ea
SHA256

6e8eb5e9d3c0d4ab46cf9a1e80a52f3c376e2527d0df1dd39a9ef566718da122
SHA512

7d250a7061f2af99caaf3055645c83eacaa45e587783f9a6f4e9dae502e8c73e27032a8f7abbbedae927956eb81753872b2adcb7c15afd2d94b50fcbe916748a
SSDEEP

24576:rwbSpkH+6BRWILB9w+HsYda5Tx2FH5pisepR1mAOplAXzWyRr/2XSj8m2a2f5Q2N:qfdcRUQ2N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e8eb5e9d3c0d4ab46cf9a1e80a52f3c376e2527d0df1dd39a9ef566718da122_NeikiAnalytics.exe

Files

6e8eb5e9d3c0d4ab46cf9a1e80a52f3c376e2527d0df1dd39a9ef566718da122_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

e77173e5b6a06e3bf7c8fa326913e150

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bc32fn

CallDllFunction2
pFrmtBuffer
VARLIST
TABOffset
RPEE
RFLV
RPED
RADDR
CheckProto
Open2
szTmpBuf
PHB
Unlock
DBFILEINFO
Next
Search
ZNOKEY
Find
CreateKey
Insert
Update
FormatNumber
GetPartOfString
GetLeftChar
FormatDouble
FindDB5
ZENDFIL
GetDB6
ComposeFileName
PHD
SetCondition
BCRound
ZDB_VALRECORD
SearchString
StrToUpper
SkipLRBlk
GetSysTime2
SetString
ZBCLASTCHR
IDS_SPRING
ZVER_CONFIG
ZBCERR
CheckDll
WriteDB5
DelDB4
XRS1
TABSet
Delete
TABClosePrinting
TABCloseSettings
TABJumpRowsExt
TABWriteLineExt
TABCheckIntrExt
PRINTINFO
ZRCID
ZSYSTEM
RCISSW
FormatDate
InvertDate
XRS2
fd3
fd10
fd11
fd1
ISAMExvInterpreter
CharAscii
DEFDYNSTRUCT_End
DEFDYNSTRUCT_ERRORE
DEFDYNSTRUCT_INDOLD
DEFDYNSTRUCT_CAMPI
DEFDYNSTRUCT_STRUTTURA
DEFDYNSTRUCT_Init
strtrim
@BCTracePrint4@4
PHE
PHDLL
CheckDate
GetRightChar
InvertPeriod
UpdateDB5
CountDB3
Close
MatchString
GetDBK4
SkipLeftBlk
ZOPERATORE
fndate
InsDB6
fd4
iProtMat1
ZMAXREC
DBXISAMExvInterpreter
iDBXError
fd12
BCXFreeDynaArray
BCXGetDynaArray
ZBCMSG
GetPrinterInfo5
ZPKR
CopyDBStruct5
DEFDYNSTRUCT_DFX
DelDBStruct5
GetDBStruct5
FindDBStruct5
WriteDBStruct6
InsDBStruct5
FNCFE
ZEXVALUTA
SetExEuro
FormatSearchGraph
FRMCheckFormGraph
FRMSetNOTNameGraph
ZPRFLGRAPH
DeleteOption2
iProtMat
ZDUPKEY
ZDBSERVER
InitOutputINT
InitInputLONG
InitInputINT
iSopError
ReadOption3
AddSl
ZEXEURO
pszTmpPtr
BCXGetEnv
CheckPrinter2
fnoemansi
SaveOption2
InListDouble
WSP
ZNPRINTERS
GetPrinters2
PHT
EXPWriteExportFile
Kill
BCGetFileSize
BCXReadProgramOptions
BCXWriteProgramOptions
MakeDirectory
ZEXGRUP
ZEXNUM
EXPORTINFO
CheckEscape
fnyear
@BCTracePrint5@8
GR
SkipRightBlk
WS
StrAdd
DefineOutputDev
AllocLocalData
pvTerminateProgram
FreeLocalData
DBDatabase
pInfoExe
DBClose
DBXAccess
BcxExit
ZPREXTEND
bPrintFileName
bGetActualArgsExv
ZEXVARG
PropertiesEx
ZTRADVER
ZMINVER
ZMINVERUX
@BCTracePrintSignature2@4
@BCTracePrint3@8
pszCurrentModule
@BCTracePrint6@12
DITTA
CallBCFunction
bOptimizeSearch
iNewFrmSpec
pszSUBProto
psArgv
iArgc
CallAllPrograms
PROGC
ZNOMEXE
BcMain2
ApplyContext3

bc32ui

RCI
RRI
DefFuncKey3
DefineAdvGridNoHeaderCol
DefineAdvGridNoRepeat
DefineAdvGridCollapseGroup2
DefineGrid28
ZVIDNAME
DefineWindow10
pszID
ZGCOL_ORDNUM
DefineStyle4
TRIC
ExitSub
DefineGroupBox3
GetStyle
DefineEdit12
DefineComboOptions
DefineTVDouble
DefineLabel4
DefineFormat
EntrySub2
LoadControlStruct
InsertColGrid10
DefineTVString
DefineCellGrid16
InsertRowGrid9
ZGRIGA
DefineVarsEx2
InsertVarsEx2
ResetVid8
ZGCOL_ORDDIR
ZGCOL_ORDCURDIR
ExitWindow
ZINIDEC
FreeBlob
SetFuncKeyHide
SetLabelHide
SetEditConditions3
DefineFrame2
ZGRIGHE_TOT
WgsGetVideoInput
WgsDrawScreen
WgsDefineWindow
pszWindowHeader
pszErrorMessage
WgsCheckInputData
WgsSetValidateInput
SYSDATEXT
SetButtonEnable
WgsFileList
NOIVA
RCMKEY
WgsFormatColumn
WgsDrawOutput
RCNOID
ReplaceBlob
GetDynamicStruct2
FindDynamicStruct
CountDynamicStruct
BlobAdd
GettingRowGrid4
SYSANNOEXT
DefinePos4
NRCI
NRRI
GetWindowInput
VIODefineWindowExt
SetGridList
DefineComposite4
ZVIDCOMPEXIT
GetCellGrid3
DefineTree6
ZTNODO
ExpandItemTree
InsertItemTree4
DefineMultiPage10
ZVIDCOMP
GetItemTree3
ZTNODOPADRE
DeleteItemTree
ABCPRB
AddDynamicStruct
DelDynamicStruct
SetDynamicStruct
DeleteRowGrid3
SetCellGrid8
bVideoCondition
ZNUMDEC
WgsMemoryList
RCMEM
SetWindowConditions3
DefineComboOptionsArray
SetPageHide
SetGroupBoxHide
SetCellConditions3
ZGCOL
ZapDynamicStruct
DeleteWindow
GetDblTestDynValue
SetFuncKeyEnable
KillDynamicStruct
GetFormParms13
InitFormPrint6
DefineButton7
WgsRestoreWindow
ZERRDEC
ZMESSTIPO
CheckMail2
SetButtonCoupon2
SetButtonHide2
SetButtonEnable2
SetLabelEnable
SetGroupBoxEnable
BlobMid
BlobCmpString
WgsSetHelpKey
CopyBlob
SendEmail16
DefineAutoRicDec2
RunAutoRic
RunAutoDec
GetFaxes2
ZVIDMOD
DefVidWaitMsg3
SetButtonHide
WgsDrawScreenFrame
ZDECOD
DefineButtonIvt
RunWindow6
ZVIDCOMPVIS
WgsRestoreInputData
ZGCOL_ORDCURNUM
ZNSEL
RO
RIF
RRA
RTAB
wKeyFlags
TraceDebug2
pszDecodMessage
WgsSetEnabledKeys
WgsSetDefinedKeys
WgsSetUncheckedKeys
WgsMessageBoxEx
ABC
DBCreateVars2
DBDefineStructs
CANVID
EntryInitProgramData
cRowsRI
cColsRI
RI
KYM
EntryTerminateProgram
DBRemoveVars
RCCHAN
WgsInitData
ExitTerminateProgram
szProgramName
RCSRCH
SearchSTR
WgsExitAppThread
WgsInitID
ExitInitProgramData

kernel32

TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
LCMapStringA
LCMapStringW
ExitProcess

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 584KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e77173e5b6a06e3bf7c8fa326913e150

Headers

File Characteristics

Imports

bc32fn

bc32ui

kernel32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 584KB - Virtual size: 586KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 584KB - Virtual size: 586KB

.rsrc
Size: 4KB - Virtual size: 1KB