9b40ff84f931efbfcac784727438a7fe5fb6026fe49d176c9f4dfc9faf6d18d2_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9b40ff84f931efbfcac784727438a7fe5fb6026fe49d176c9f4dfc9faf6d18d2_NeikiAnalytics.exe
Size

1.6MB
MD5

5fdfa1f446b864088cc9a8aa97e61c60
SHA1

b7930439de6d49ea1a771ddd69820349b4cd908f
SHA256

9b40ff84f931efbfcac784727438a7fe5fb6026fe49d176c9f4dfc9faf6d18d2
SHA512

33809c0f4d0cd9bff5dd09d51e753560f43a28733714c0f2cda1c803656b452937515a2328aa857819cfa35098a6f6f6528a5aa05c766527419265d1f40e6ee0
SSDEEP

12288:uMNUh2Z1iTkgrtRKCE9+4JqT7qn65T3BcicKlD79ut8l5m+Ggd05+sv2mFiI:uMNw2ChMCM+4JqT7+65XD797+5Fv2yH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b40ff84f931efbfcac784727438a7fe5fb6026fe49d176c9f4dfc9faf6d18d2_NeikiAnalytics.exe

Files

9b40ff84f931efbfcac784727438a7fe5fb6026fe49d176c9f4dfc9faf6d18d2_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

980d4a5a1d374a276ea0c1abff47a1a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA
InitCommonControlsEx
ImageList_LoadImageA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

waveOutGetPosition
waveOutRestart
waveOutPause
waveOutOpen
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutReset
PlaySoundA
waveOutGetVolume
waveOutSetVolume
waveOutGetNumDevs
waveOutClose

msimg32

TransparentBlt

kernel32

GetLongPathNameA
GlobalDeleteAtom
GlobalGetAtomNameA
GetDriveTypeA
GlobalFindAtomA
FreeLibrary
GetSystemDirectoryA
GlobalAddAtomA
CreateMutexA
SetErrorMode
SetEvent
WaitForSingleObject
ReleaseMutex
CreateEventA
DeviceIoControl
WriteFile
ResetEvent
SetFilePointer
FindNextFileA
GetCurrentProcess
GetModuleHandleA
GetVersionExA
QueryPerformanceCounter
MulDiv
MultiByteToWideChar
GetACP
WideCharToMultiByte
OutputDebugStringA
GetCurrentThreadId
QueryPerformanceFrequency
Sleep
SetThreadPriority
InterlockedIncrement
InterlockedDecrement
GetFileAttributesA
MoveFileA
CopyFileExA
CopyFileA
GetOverlappedResult
CancelIo
SetCommState
GetCommState
GetTempPathA
GetTempFileNameA
GetLogicalDriveStringsA
FindResourceA
GetFullPathNameA
FormatMessageA
WaitForMultipleObjects
GetDiskFreeSpaceExA
GetCurrentDirectoryA
GetLogicalDrives
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
FileTimeToSystemTime
GetModuleFileNameA
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
RtlUnwind
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
WinExec
LoadLibraryA
GetProcAddress
GetLastError
CreateFileA
CloseHandle
ReadFile
InitializeCriticalSection
CreateThread
GetExitCodeThread
DeleteCriticalSection
GetTickCount
EnterCriticalSection
LeaveCriticalSection
FindFirstFileA
FindClose
GetVolumeInformationA
Beep
DeleteFileA
FileTimeToLocalFileTime

user32

GetCursorPos
DestroyWindow
OpenIcon
SetForegroundWindow
PostQuitMessage
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsIconic
IsWindowVisible
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
IsDialogMessageA
GetMessageA
ShowWindow
LoadAcceleratorsA
CreateDialogParamA
SetMenu
LoadMenuA
CreateWindowExA
RegisterClassExA
LoadImageA
GetSysColor
EnableWindow
GetSysColorBrush
GetDlgItem
EndPaint
BeginPaint
GetSystemMetrics
CharPrevA
IsWindowEnabled
AppendMenuA
RemoveMenu
PtInRect
GetFocus
ReleaseCapture
SetCapture
DestroyMenu
ReleaseDC
GetDC
FillRect
SetRect
GetSubMenu
InvalidateRect
SetMenuDefaultItem
GetMenuStringA
GetDesktopWindow
RegisterWindowMessageA
FindWindowA
CheckRadioButton
CheckMenuRadioItem
PeekMessageA
MsgWaitForMultipleObjects
LoadIconA
CreatePopupMenu
CharNextA
CharUpperA
CharToOemA
MessageBoxA
GetMenuItemCount
InflateRect
DestroyIcon
DeleteMenu
GetAsyncKeyState
DestroyCursor
ExitWindowsEx
GetDlgCtrlID
GetClassNameA
EnumChildWindows
GetWindowTextA
InsertMenuA
GetWindowTextLengthA
ModifyMenuA
wvsprintfA
LoadStringA
DrawTextA
CopyRect
GetMenuItemInfoA
DrawTextExA
DrawEdge
GetMenuState
SetMenuItemInfoA
CharLowerA
CloseWindow
MoveWindow
IsWindow
CallWindowProcA
ScrollWindowEx
SetScrollInfo
GetScrollInfo
SetScrollRange
MapWindowPoints
TrackPopupMenu
DefWindowProcA
GetClientRect
SetTimer
KillTimer
PostMessageA
UpdateWindow
DialogBoxParamA
SetFocus
GetMenu
SystemParametersInfoA
GetWindowRect
IsZoomed
SetWindowPos
SetWindowLongA
GetWindowLongA
EndDialog
GetDlgItemInt
SetDlgItemInt
GetParent
SetWindowTextA
LoadCursorA
SetCursor
GetKeyState
CheckDlgButton
SendDlgItemMessageA
GetDlgItemTextA
wsprintfA
SetDlgItemTextA
EnableMenuItem
DrawMenuBar
CheckMenuItem
IsDlgButtonChecked
SendMessageA

gdi32

GetStockObject
SetTextColor
TextOutA
GetTextExtentPoint32A
StartPage
StartDocA
GetTextMetricsA
Polyline
Rectangle
CreatePen
SetBkColor
EndDoc
SelectObject
CreateSolidBrush
ExtFloodFill
CreateFontIndirectA
CreateFontA
GetDeviceCaps
DeleteObject
DeleteDC
CreateCompatibleDC
SetBkMode
EndPage

comdlg32

GetOpenFileNameA
PrintDlgA
GetSaveFileNameA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
GetUserNameA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegEnumValueA
RegEnumKeyExA
RegSetValueA
RegQueryValueA
RegOpenKeyExA
RegDeleteValueA

shell32

DragFinish
DragQueryFileA
DragAcceptFiles
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHGetSpecialFolderPathA

ole32

CoInitialize
GetRunningObjectTable
CreateClassMoniker
CoUninitialize

Sections

.text
Size: 628KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 856KB - Virtual size: 856KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

980d4a5a1d374a276ea0c1abff47a1a3

Headers

File Characteristics

Imports

comctl32

version

winmm

msimg32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 628KB - Virtual size: 628KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 60KB - Virtual size: 377KB

.rsrc Size: 856KB - Virtual size: 856KB

.text
Size: 628KB - Virtual size: 628KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 60KB - Virtual size: 377KB

.rsrc
Size: 856KB - Virtual size: 856KB