744168718dc709a89b2c274b7606eb37a4cd74fea4de5873f7c3f0ac8241ea0c_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

744168718dc709a89b2c274b7606eb37a4cd74fea4de5873f7c3f0ac8241ea0c_NeikiAnalytics.exe
Size

260KB
MD5

2327e3c5d1f224ba952f521aa79613e0
SHA1

6446fad32fe87b63459bd536456f96cbc3d87855
SHA256

744168718dc709a89b2c274b7606eb37a4cd74fea4de5873f7c3f0ac8241ea0c
SHA512

d5e2ae2bfa4a5b99b669fa5b21d05fda504815be95c13e5681dd152226e14b4fc4d6c7839cc65fe3512dc99979ca668b49b16ab075af53f61f6d81fd213af943
SSDEEP

3072:vBtnrpM1LGxp9qkG0eYpet3NPrl7DVno3SspTicc6rg89y6qwJ9R:W1Sxp9JG0hM370pTfrg7GX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
744168718dc709a89b2c274b7606eb37a4cd74fea4de5873f7c3f0ac8241ea0c_NeikiAnalytics.exe

Files

744168718dc709a89b2c274b7606eb37a4cd74fea4de5873f7c3f0ac8241ea0c_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

bac3575b4c9c852d0d75c42893cc9bc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
GetWindowPlacement
IsIconic
SetWindowPos
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
SetWindowLongA
CopyRect
GetClientRect
AdjustWindowRectEx
GetTopWindow
MapWindowPoints
UpdateWindow
LoadIconA
GetSysColorBrush
DestroyMenu
IsDialogMessageA
SendDlgItemMessageA
GetSysColor
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
SetFocus
SetCursor
SetActiveWindow
IsWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SendMessageA
PostMessageA
PostQuitMessage
GetSystemMetrics
PeekMessageA
DispatchMessageA
TranslateMessage
CharUpperA
LoadCursorA
CreateDialogIndirectParamA
DestroyWindow
EndDialog

comctl32

ord17

kernel32

GetCPInfo
GetOEMCP
SetEndOfFile
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
FlushFileBuffers
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
ReadFile
SetFilePointer
WriteFile
CreateFileA
GetCurrentProcess
FreeLibrary
GetProcessVersion
LoadLibraryA
GlobalAddAtomA
GetVersion
GlobalGetAtomNameA
GetModuleHandleA
GlobalFindAtomA
GetLastError
GetProcAddress
SetLastError
WritePrivateProfileStringA
lstrcpyA
lstrcatA
SetHandleCount
GetCurrentThreadId
lstrcmpiA
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetFileType
GetStdHandle
GetCurrentThread

gdi32

CreateBitmap
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA
GetObjectA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

Exports

Exports

AscToDxf
AscToWmf
DxfToAsc
SaveDialog
Version
WmfToAsc

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bac3575b4c9c852d0d75c42893cc9bc4

Headers

File Characteristics

Imports

user32

comctl32

kernel32

gdi32

winspool.drv

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 23KB

.reloc Size: 16KB - Virtual size: 13KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 23KB

.reloc
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 16KB - Virtual size: 16KB