8e69a29957a60faaa740e46b909ea8dddb5c2165e7ce487242d1fb616f5e00ae_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8e69a29957a60faaa740e46b909ea8dddb5c2165e7ce487242d1fb616f5e00ae_NeikiAnalytics.exe
Size

8.5MB
MD5

d8b66c9528592825a93132daf8903790
SHA1

00a2f3bfbda4f613bfa4ba1d2fa51436647150ae
SHA256

8e69a29957a60faaa740e46b909ea8dddb5c2165e7ce487242d1fb616f5e00ae
SHA512

1729e70c0d6e47c996a7b45bc2c52a5ed2592797403d3b8efab3851de67d8b750d63b690444668323dced3e1fccd895838fb1122a33ac8c639100ced8c370f40
SSDEEP

98304:YbI7iDknrMR0AmrNWzhQph3Tkeo+mql2Vbh:YsUfmrNWzhQph3Tkeo+mM21h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e69a29957a60faaa740e46b909ea8dddb5c2165e7ce487242d1fb616f5e00ae_NeikiAnalytics.exe

Files

8e69a29957a60faaa740e46b909ea8dddb5c2165e7ce487242d1fb616f5e00ae_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

3d017e7a5ffe1a97ffc1b5dc159e4385

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
GetDeviceCaps
DeleteDC
CreateCompatibleDC
CreateDIBSection
DeleteObject

user32

CreateWindowExA
RegisterClassExA
DestroyWindow
GetSysColor
SetWindowLongA
UnregisterClassA
IsWindowVisible
ShowWindow
GetDC
DefWindowProcA
SetTimer
CallWindowProcA
KillTimer
UpdateWindow

kernel32

GetProcAddress
RtlMoveMemory
GetModuleHandleA
GetVersionExA

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarSub
__vbaR8FixI4
ord690
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
ord588
__vbaLenBstr
__vbaLateIdCall
__vbaStrVarMove
__vbaEnd
__vbaVarIdiv
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord516
ord517
_adj_fprem1
ord518
__vbaRecAnsiToUni
ord519
ord626
__vbaI2Abs
__vbaResume
__vbaCopyBytes
__vbaVarCmpNe
__vbaForEachCollAd
__vbaStrCat
ord552
ord660
__vbaLsetFixstr
ord661
__vbaSetSystemError
__vbaHresultCheckObj
ord557
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
ord666
__vbaAryVar
Zombie_GetTypeInfo
ord668
__vbaAryDestruct
__vbaLateMemSt
ord591
EVENT_SINK2_Release
ord593
__vbaVarForInit
__vbaForEachCollObj
__vbaExitProc
ord300
ord594
__vbaI4Abs
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
ord305
ord599
__vbaFpR4
ord306
__vbaStrFixstr
__vbaBoolVar
__vbaFPFix
ord309
__vbaBoolVarNull
__vbaVargVar
__vbaFpR8
_CIsin
ord524
ord631
__vbaErase
ord525
__vbaVarCmpGt
ord632
__vbaNextEachCollObj
__vbaVarZero
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord527
ord528
__vbaGenerateBoundsError
__vbaExitEachColl
ord529
__vbaStrCmp
__vbaPutOwner3
__vbaAryConstruct2
__vbaVarTstEq
__vbaPrintObj
ord561
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
__vbaFpUI1
__vbaCastObjVar
__vbaRedimPreserve
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaStrR8
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
__vbaVarAnd
__vbaLateIdCallSt
__vbaObjIs
ord311
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaStr2Vec
__vbaUI1I4
__vbaExceptHandler
ord711
ord313
__vbaPrintFile
__vbaStrToUnicode
ord712
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord607
__vbaI2Str
__vbaLateIdStAd
ord608
ord531
ord716
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaGetOwner3
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
ord537
ord644
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVarLateMemCallLdRf
__vbaR8Str
__vbaInStr
ord648
__vbaVar2Vec
__vbaNew2
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
ord573
__vbaStrCopy
EVENT_SINK2_AddRef
__vbaI4Str
ord681
__vbaVarCmpLt
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
__vbaPowerR8
_adj_fdiv_r
ord685
ord578
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
ord689
__vbaVarCmpEq
__vbaLateMemCall
__vbaVarAdd
__vbaAryLock
ord320
__vbaFreeVarg
__vbaVarDup
__vbaStrToAnsi
ord321
__vbaVerifyVarObj
ord614
__vbaFpI2
__vbaVarLateMemCallLd
ord616
__vbaVarCopy
__vbaFpI4
__vbaR8IntI2
__vbaVarSetObjAddref
__vbaRecDestructAnsi
ord617
__vbaLateMemCallLd
_CIatan
ord618
__vbaAryCopy
__vbaCastObj
__vbaStrMove
__vbaStrVarCopy
ord619
_allmul
__vbaFpCSngR4
__vbaLateIdSt
ord652
_CItan
__vbaNextEachCollAd
ord546
__vbaUI1Var
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaR8FixI2
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d017e7a5ffe1a97ffc1b5dc159e4385

Headers

File Characteristics

Imports

gdi32

user32

kernel32

msvbvm60

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.data Size: 4KB - Virtual size: 78KB

.rsrc Size: 4.7MB - Virtual size: 4.7MB

.text
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 4KB - Virtual size: 78KB

.rsrc
Size: 4.7MB - Virtual size: 4.7MB