Static task: static1
Behavioral task: behavioral1
Sample: 93ee236d90b99a64d3c5aa63578eb79d3b35882ff027465d3f3295fb96a0833b_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 93ee236d90b99a64d3c5aa63578eb79d3b35882ff027465d3f3295fb96a0833b_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 93ee236d90b99a64d3c5aa63578eb79d3b35882ff027465d3f3295fb96a0833b_NeikiAnalytics.exe
Size: 112KB
MD5: 4b293a96eb52a34abebc35c1cf0578b0
SHA1: 73dfaa6bd435f4edfcf5d25facbd07964a7b73df
SHA256: 93ee236d90b99a64d3c5aa63578eb79d3b35882ff027465d3f3295fb96a0833b
SHA512: 5865cbf2ec5c76a9e75aee86ba5dff6d6d53e07ade6da1bacca249b03850a2c99465f6c6ccc43d524943d60626149f10b854a8062547b7281e8cf8cdd872e2e3
SSDEEP: 1536:8WuHss5PTezIkem0xqTflhIXMdYdBgrGRo:+HjN3m0EAM2fgrEo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 93ee236d90b99a64d3c5aa63578eb79d3b35882ff027465d3f3295fb96a0833b_NeikiAnalytics.exe
Files
93ee236d90b99a64d3c5aa63578eb79d3b35882ff027465d3f3295fb96a0833b_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
fe53f9cec3086626b9ee1954eaf8fbe5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpynA
Sleep
DebugBreak
OutputDebugStringA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
lstrcpyA
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
CloseHandle
GetLastError
CreateMutexA
SetLastError
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcpynW
FlushInstructionCache
GetCurrentProcess
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetProcAddress
InterlockedIncrement
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
WriteFile
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapReAlloc
HeapFree
GetModuleFileNameA
GetVersionExA
lstrlenA
GetCurrentDirectoryA
SetCurrentDirectoryA
FreeLibrary
InterlockedDecrement
GetCurrentThreadId
GetOEMCP
user32
CallWindowProcA
SetWindowLongA
FindWindowA
TrackPopupMenu
DestroyMenu
IsWindowVisible
SendMessageA
CreateWindowExA
SetDlgItemTextA
RegisterWindowMessageA
DispatchMessageA
TranslateMessage
PostQuitMessage
LoadStringW
GetMessageA
PeekMessageA
TranslateAcceleratorA
GetClassInfoExA
LoadCursorA
wsprintfA
LoadImageA
RegisterClassExA
LoadStringA
LoadMenuA
LoadAcceleratorsA
DialogBoxParamA
MessageBoxA
DestroyWindow
IsCharAlphaNumericA
EnableWindow
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
MessageBeep
SetFocus
CharNextA
wvsprintfA
GetWindowLongA
GetWindow
GetWindowRect
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
GetParent
EndDialog
SystemParametersInfoA
DestroyIcon
KillTimer
keybd_event
SetMenuItemInfoA
SetWindowTextA
LoadIconA
SetTimer
GetCursorPos
SetForegroundWindow
CreatePopupMenu
InsertMenuA
PostMessageA
GetActiveWindow
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
shell32
ShellExecuteA
Shell_NotifyIconA
ole32
CoInitialize
CoUninitialize
comctl32
InitCommonControlsEx
wdaccess
_KB_DEVICE_Open@4
_KB_DEVICE_Close@0
Sections
.text Size: 60KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ