5b19fa4e52abc12d5fe09a0ca4f334cc825ec5a4eb88a999498efad370522b33_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5b19fa4e52abc12d5fe09a0ca4f334cc825ec5a4eb88a999498efad370522b33_NeikiAnalytics.exe
Size

1.9MB
MD5

433a83c7801e3f9714f78bb693be9c60
SHA1

dc6046814b47ba5931ffa83788646be211090cba
SHA256

5b19fa4e52abc12d5fe09a0ca4f334cc825ec5a4eb88a999498efad370522b33
SHA512

56673ae2d8d5867dfb9585e42ab5c34d745a772af0f53470d6cfe8250ef226c6b2aae379a77d939ac56ccdbf150f059b474ee5e3df9a94e5ea6c7cbe739f93c9
SSDEEP

24576:tGyg6Ft2lovkHlHwo3vPxYsRQ9660f1aFdReoKNZlD:tg6EosHlQo3nxRQ96X1abRNY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b19fa4e52abc12d5fe09a0ca4f334cc825ec5a4eb88a999498efad370522b33_NeikiAnalytics.exe

Files

5b19fa4e52abc12d5fe09a0ca4f334cc825ec5a4eb88a999498efad370522b33_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

b70678757edcef4e1a15b740b398a25a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\shams\OneDrive\Src\VC\GB64\x64\Release\GB64.pdb

Imports

comctl32

ord410
InitCommonControlsEx
ord413

kernel32

SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FileTimeToLocalFileTime
FindFirstFileW
FindNextFileW
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetVolumeInformationW
RemoveDirectoryW
SetFilePointerEx
WriteFile
GetTempPathW
EnterCriticalSection
LeaveCriticalSection
GetWindowsDirectoryW
FileTimeToSystemTime
FormatMessageW
GetConsoleWindow
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WaitForSingleObject
GetPrivateProfileStringW
WritePrivateProfileStringW
GetConsoleMode
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetConsoleOutputCP
ReadConsoleW
HeapReAlloc
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
GetLocaleInfoEx
InitializeCriticalSectionEx
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
ResolveLocaleName
EnumSystemLocalesA
GetUserDefaultLCID
LCIDToLocaleName
LocaleNameToLCID
GetLocaleInfoW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
FindClose
GetLocaleInfoA
GetExitCodeProcess
CreateProcessW
SearchPathA
CloseHandle
GetLastError
CreatePipe
GetStdHandle
SetHandleInformation
ReadFile
GetCurrentProcess
SetPriorityClass
MulDiv
RtlUnwind
lstrcpyW
LocalFree
lstrcpyA
GetTickCount64
Sleep
lstrlenW
GetCommandLineW
QueryPerformanceCounter
GetProcAddress
LoadLibraryA
ExitProcess

user32

PeekMessageW
TranslateAcceleratorW
GetForegroundWindow
IsDialogMessageW
RegisterClipboardFormatW
DispatchMessageW
RegisterWindowMessageW
GetActiveWindow
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MessageBoxW
WaitForInputIdle
MonitorFromPoint
GetMonitorInfoW
UpdateLayeredWindow
GetWindowTextA
GetWindowTextLengthA
TranslateMessage
InvalidateRect
GetParent
SendMessageA
SetFocus
CreateWindowExA
ClientToScreen
RedrawWindow
MessageBeep
SendMessageW
SetWindowLongPtrW
DestroyWindow
GetFocus
PostMessageW
GetKeyState
EnableWindow
EndPaint
BeginPaint
ScreenToClient
SetCapture
SetCursor
ReleaseCapture
DefWindowProcW
ModifyMenuW
LoadMenuW
GetWindowRect
GetMenuItemID
GetMenu
GetDC
IsWindowVisible
SetWindowPos
GetMenuItemCount
FillRect
CreateWindowExW
EndDialog
GetSystemMetrics
WaitMessage
GetWindowLongPtrW
RegisterClassExW
GetWindowPlacement
LoadAcceleratorsW
TrackPopupMenu
LoadStringW
GetSubMenu
ShowWindow
SetTimer
SetWindowPlacement
GetQueueStatus
IsDlgButtonChecked
DestroyMenu
LoadIconW
LoadCursorW
InsertMenuW
RemoveMenu
GetClientRect
GetDlgItem
IsClipboardFormatAvailable
SetRect
KillTimer
CheckDlgButton
PostQuitMessage
EnableMenuItem
SystemParametersInfoW
DialogBoxParamW
UpdateWindow
LoadImageW
ReleaseDC
GetCursorPos

gdi32

GetStockObject
GetObjectW
SelectObject
CreateCompatibleDC
GetTextMetricsW
ExtTextOutW
CreateFontIndirectW
CreateSolidBrush
DeleteObject
SetBkColor
Rectangle
CreatePen
SetBkMode
SetTextColor
TextOutW
DeleteDC
CreateFontW
TextOutA
GetPixel

comdlg32

ChooseFontW
CommDlgExtendedError
ReplaceTextW
FindTextW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
GetUserNameW

shell32

CommandLineToArgvW
SHGetPathFromIDListW
SHFileOperationW
SHGetKnownFolderPath
SHBrowseForFolderW
ShellExecuteW

ole32

CoTaskMemFree
OleUninitialize
OleInitialize

oleaut32

VarCmp
VarDateFromR8
VarDateFromI4
VariantCopy
VariantInit
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
VarAdd
SysAllocStringLen
VariantClear
VariantChangeTypeEx
VarBstrFromDate

shlwapi

PathIsRelativeW
PathIsDirectoryW
PathStripToRootW
PathRelativePathToW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b70678757edcef4e1a15b740b398a25a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

version

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 241KB - Virtual size: 240KB

.data Size: 46KB - Virtual size: 102KB

.pdata Size: 49KB - Virtual size: 49KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 121KB - Virtual size: 121KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 241KB - Virtual size: 240KB

.data
Size: 46KB - Virtual size: 102KB

.pdata
Size: 49KB - Virtual size: 49KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 121KB - Virtual size: 121KB

.reloc
Size: 5KB - Virtual size: 5KB