97ca7e9c44640080bda07123682034675008cb8b62a6f3f98e5b0e9c855d4262_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

97ca7e9c44640080bda07123682034675008cb8b62a6f3f98e5b0e9c855d4262_NeikiAnalytics.exe
Size

306KB
MD5

bc01fc37d3b9597f4b2625b78cf60c50
SHA1

ae7a1e9f616183cf115d9c50f8195035dbb701d3
SHA256

97ca7e9c44640080bda07123682034675008cb8b62a6f3f98e5b0e9c855d4262
SHA512

16e0d1c1bb319c09ee66a28793efc52c984b7339a49e80c83e7c2e66715d5b099deaa3b3d9f802ad55e447476f7cd74ba3fa8d607d5d0bfbbebe190b5150f0c1
SSDEEP

6144:09sjqTxj4vZ+GCj0mkrCGCrPlqoF+7UDpMou4Ef9GVmc7NlaCN1TBu:ilj4Z+GG0mkrCGCo6D2ou4E1GVmc7naV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97ca7e9c44640080bda07123682034675008cb8b62a6f3f98e5b0e9c855d4262_NeikiAnalytics.exe

Files

97ca7e9c44640080bda07123682034675008cb8b62a6f3f98e5b0e9c855d4262_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

3060d1778de46ec26f8d425981aec29e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegOpenKeyExA

gdi32

BitBlt
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
GetObjectA
SelectObject

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumCalendarInfoA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FindResourceExA
FormatMessageA
FreeLibrary
FreeResource
GetCommandLineA
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetTempPathA
GetThreadLocale
GetThreadPriority
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
OpenProcess
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetProcessWorkingSetSize
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeTypeEx
VariantClear
VariantCopy
VariantInit

user32

BringWindowToTop
CallNextHookEx
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DispatchMessageA
EndDialog
EnumWindows
GetActiveWindow
GetClassNameA
GetCursorInfo
GetCursorPos
GetDC
GetDesktopWindow
GetKeyState
GetMessageA
GetSystemMetrics
GetWindow
GetWindowTextA
GetWindowThreadProcessId
IsWindow
IsWindowVisible
KillTimer
LoadCursorA
LoadIconA
MessageBeep
MessageBoxA
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
RegisterClassA
ReleaseDC
SendMessageA
SetCapture
SetCursorPos
SetTimer
SetWindowsHookExA
ShowWindow
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WindowFromPoint
wvsprintfA

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3060d1778de46ec26f8d425981aec29e

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

oleaut32

user32

Sections

.text Size: 236KB - Virtual size: 236KB

.data Size: 51KB - Virtual size: 51KB

.rdata Size: 11KB - Virtual size: 11KB

.bss Size: - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 4B

.idata Size: 5KB - Virtual size: 4KB

.text
Size: 236KB - Virtual size: 236KB

.data
Size: 51KB - Virtual size: 51KB

.rdata
Size: 11KB - Virtual size: 11KB

.bss
Size: - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 4B

.idata
Size: 5KB - Virtual size: 4KB