94ae7be425aac9725153dc461c7b80da7fd4124d93a17a07bf3b0a6ab04874db_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

94ae7be425aac9725153dc461c7b80da7fd4124d93a17a07bf3b0a6ab04874db_NeikiAnalytics.exe
Size

250KB
MD5

28516de639ac717cef9a5b9d950b3320
SHA1

50ada0f5fb7898052251d79561a03c11219c3882
SHA256

94ae7be425aac9725153dc461c7b80da7fd4124d93a17a07bf3b0a6ab04874db
SHA512

4bae6329ef0d94aa38d3a6f617f407b1f071346dc90b0288e26e76f9afb320c2df4b1f5cb31242c0c367386082891f5e06fbe256eb9566159d73b4eea60a7647
SSDEEP

3072:+C7UVJGluyehjOmZtO+/E/lpa8qtO5VrEHdfM/:+CYsmZAzlpz5JEHdk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94ae7be425aac9725153dc461c7b80da7fd4124d93a17a07bf3b0a6ab04874db_NeikiAnalytics.exe

Files

94ae7be425aac9725153dc461c7b80da7fd4124d93a17a07bf3b0a6ab04874db_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

3c3da535c528dc1aa126b6d3b702579e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
CreateEventA
SetEvent
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetCommandLineA
GetStartupInfoA
GetVersion
ExitProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapCreate
VirtualFree
CreateThread
GetLastError
WriteFile
HeapAlloc
LCMapStringA
GlobalUnlock
GlobalLock
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
ReadFile
FlushFileBuffers
FindResourceA
LocalFree
CloseHandle
IsDBCSLeadByte
LoadResource
LockResource
WideCharToMultiByte
LoadLibraryA
FreeLibrary
GlobalAlloc
lstrlenW
lstrcmpA
HeapFree
DebugBreak
TerminateProcess
lstrlenA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrcpyA
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
GetVersionExA
LCMapStringW
GetCPInfo
RtlUnwind
LocalAlloc
GetTickCount
GetLocalTime
QueryPerformanceCounter
GlobalMemoryStatus
GetDiskFreeSpaceA
MultiByteToWideChar
WaitForSingleObject
GetComputerNameA
FreeResource

gdi32

CreateDIBitmap
SetTextColor
ExtTextOutA
GetTextMetricsA
SetBkColor
DeleteObject
CreateCompatibleBitmap
CreateSolidBrush
SelectObject
BitBlt
CreateCompatibleDC
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps

user32

ReleaseDC
GetDesktopWindow
GetDC
ReleaseCapture
SetCapture
InvalidateRect
GetSysColor
InvalidateRgn
IsChild
GetFocus
EndPaint
FillRect
BeginPaint
GetDlgItem
RedrawWindow
GetClassNameA
CreateAcceleratorTableA
CallWindowProcA
PostQuitMessage
RegisterWindowMessageA
MapWindowPoints
SetDlgItemTextA
GetWindow
GetWindowTextLengthA
CreateDialogIndirectParamA
ModifyMenuA
ShowWindow
SendDlgItemMessageA
LoadImageA
GetDlgItemTextA
CheckDlgButton
IsDlgButtonChecked
DispatchMessageA
TranslateMessage
GetMessageA
GetParent
GetWindowTextA
SetWindowTextA
PostMessageA
SetWindowLongA
GetWindowLongA
CreateMenu
AppendMenuA
SendMessageA
GetClassInfoExA
wsprintfA
RegisterClassExA
WinHelpA
MessageBoxA
SetFocus
EndDialog
DefWindowProcA
LockWindowUpdate
DialogBoxParamA
IsWindow
DrawIcon
LoadIconA
EnableWindow
GetClientRect
DestroyWindow
CreateWindowExA
LoadStringA
LoadCursorA
SetCursor
AdjustWindowRect
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
SetWindowPos
MoveWindow
IsZoomed
GetSystemMenu
GetDialogBaseUnits
SetForegroundWindow
EnableMenuItem
SetWindowPlacement
CopyRect
DrawFocusRect
GetKeyboardType
GetCursorPos
GetMessageTime

shell32

ExtractIconA

ole32

StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize
OleLockRunning
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal

oleaut32

SysStringByteLen
VariantClear
SysStringLen
LoadRegTypeLi
SysAllocString
SysFreeString
SysAllocStringLen
SysAllocStringByteLen

comctl32

ord17
InitCommonControlsEx

advapi32

RegQueryValueExA
RegOpenKeyExA
GetUserNameA
RegCloseKey
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA

wsock32

gethostbyaddr
inet_addr
gethostbyname

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c3da535c528dc1aa126b6d3b702579e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

shell32

ole32

oleaut32

comctl32

advapi32

wsock32

Sections

.text Size: 96KB - Virtual size: 95KB

.data Size: 13KB - Virtual size: 19KB

.rsrc Size: 140KB - Virtual size: 139KB

.text
Size: 96KB - Virtual size: 95KB

.data
Size: 13KB - Virtual size: 19KB

.rsrc
Size: 140KB - Virtual size: 139KB