9786e966c5a934a5aab0e3d3fe682c4f95e708e9878db3175dfd2fe1c22a31e4_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9786e966c5a934a5aab0e3d3fe682c4f95e708e9878db3175dfd2fe1c22a31e4_NeikiAnalytics.exe
Size

136KB
MD5

3c42dac262cc2bf806b910a735952200
SHA1

c0afd13e6e6eb626690aaedd5380889edf0b4a6c
SHA256

9786e966c5a934a5aab0e3d3fe682c4f95e708e9878db3175dfd2fe1c22a31e4
SHA512

ba56abb912c1016c9b5db4ff7fb0ba6dced02fe077bd57431bd16771daa3acdf924ceacf939cfc21dac7e3894b9a4c4ee57631285e22d68c97c9860c31548147
SSDEEP

3072:4NX666//lr3f5c7x4kJeVJsos4Tr8kxECnU:4U66//lBc7xWtU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9786e966c5a934a5aab0e3d3fe682c4f95e708e9878db3175dfd2fe1c22a31e4_NeikiAnalytics.exe

Files

9786e966c5a934a5aab0e3d3fe682c4f95e708e9878db3175dfd2fe1c22a31e4_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

9524fbc20d9055447b418127eb904570

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ReadFile
CreateFileA
CopyFileA
CreateThread
GetSystemDirectoryA
CreateProcessA
GetVersionExA
DeviceIoControl
SetLastError
CreateEventA
SetThreadPriority
TerminateThread
SetEvent
WaitForSingleObjectEx
InterlockedDecrement
InterlockedIncrement
GetStringTypeW
GetStringTypeA
GetUserDefaultLangID
CreateMutexA
GetACP
CompareStringW
CompareStringA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
HeapSize
SetEnvironmentVariableA
GetCurrentThreadId
WaitForSingleObject
LeaveCriticalSection
FreeLibrary
ReleaseMutex
CloseHandle
Sleep
LoadLibraryA
GetProcAddress
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetOEMCP
GetCurrentProcess
TerminateProcess
GetLastError
HeapFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TlsSetValue
TlsAlloc
TlsGetValue

user32

wsprintfA
DefWindowProcA
PostQuitMessage
DestroyWindow
PeekMessageA
GetSystemMetrics
SendMessageA
GetDesktopWindow
GetDC
ReleaseDC
GetWindowRect
SetWindowPos
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
DialogBoxParamA
IsDlgButtonChecked
EndDialog
LoadStringA
SetWindowTextA
GetDlgItem
SetDlgItemTextA
PostMessageA
FindWindowA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

GetDeviceCaps

advapi32

RegCreateKeyA
RegNotifyChangeKeyValue
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

DllGetVersion

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9524fbc20d9055447b418127eb904570

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 72KB - Virtual size: 72KB