4709788ebc402eb5633f66d9c534b14b3ceb09a738b3f6b8011affe755bf1f2f_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

4709788ebc402eb5633f66d9c534b14b3ceb09a738b3f6b8011affe755bf1f2f_NeikiAnalytics.exe
Size

156KB
MD5

bf448e6fed9a08c3f4fe1bfc6fb6fa70
SHA1

2893efec58eea8bf8fa2ddd26846723943fa8466
SHA256

4709788ebc402eb5633f66d9c534b14b3ceb09a738b3f6b8011affe755bf1f2f
SHA512

55562ed5f6c2d4f81fbbb3c9e9f170fbc49a3c16c274be645c4029e6ddf4a63f731a847db84d75e2f8ab67b8e8ca9e3a84c6d7eb1be6784c58ab005d6bb622ac
SSDEEP

3072:z38XBrwkaz8oGuRLMoIgt8OPHq0tCsE/MJFOySlpQ2w+M:z3m5wDzhGwLMF4qtPukQ/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4709788ebc402eb5633f66d9c534b14b3ceb09a738b3f6b8011affe755bf1f2f_NeikiAnalytics.exe

Files

4709788ebc402eb5633f66d9c534b14b3ceb09a738b3f6b8011affe755bf1f2f_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

6c19dc3f7c651e5334806b425eb65ca4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\tpw4\Dll2\Release\DLL2.pdb

Imports

kernel32

lstrcatA
GetModuleHandleA
SetErrorMode
lstrcmpA
RaiseException
InterlockedIncrement
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GlobalFlags
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
GetCurrentThreadId
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
LoadLibraryA
GetProcAddress
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
GetModuleFileNameA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

DestroyMenu
PostQuitMessage
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextA
CharUpperA
GetClassNameA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
MessageBoxA
SendMessageA
GetSystemMetrics
GetKeyState
PeekMessageA
ValidateRect
UnhookWindowsHookEx
GetWindowTextA

oleaut32

VariantChangeType
VariantClear
VariantInit

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

GetStockObject
DeleteObject
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
OffsetViewportOrgEx
DeleteDC
SaveDC
RestoreDC
SetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
GetDeviceCaps
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetViewportExtEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

Exports

Exports

sum
updateCSV

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c19dc3f7c651e5334806b425eb65ca4

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

oleaut32

comctl32

shlwapi

oleacc

gdi32

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 19KB

.reloc Size: 28KB - Virtual size: 25KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 19KB

.reloc
Size: 28KB - Virtual size: 25KB