a7276a809c9288675d9cb771983dd01e535e6bdff9d114520fa38a7e3df3fc8a_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a7276a809c9288675d9cb771983dd01e535e6bdff9d114520fa38a7e3df3fc8a_NeikiAnalytics.exe
Size

92KB
MD5

9d3cd7d3ae46b8ef66f99f626debfdd0
SHA1

57c1183c619c1044322949e645288bbe9fc340f1
SHA256

a7276a809c9288675d9cb771983dd01e535e6bdff9d114520fa38a7e3df3fc8a
SHA512

e7ef4c0d10fd242efe74bab8aeaa0275d0129f05f2faabc5743aaaf614c3e0bf2fc316baaafd4d22e0d06e91c2fbaaabd91c64d1b0b1b1f195b893d4a69cb3d6
SSDEEP

768:NxQeBTNCVVX7Xx1avkfZXSss9sdBCSs6XZTyTOIODNYVNoONPN6iB9f54pqLL7xl:sWIN1av6k9zb6XZT9hYlV4Azf4oLCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7276a809c9288675d9cb771983dd01e535e6bdff9d114520fa38a7e3df3fc8a_NeikiAnalytics.exe

Files

a7276a809c9288675d9cb771983dd01e535e6bdff9d114520fa38a7e3df3fc8a_NeikiAnalytics.exe
.dll regsvr32 windows:4 windows x86 arch:x86

cede0615a9b7de340f33c09773d48710

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
lstrcpyA
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
LoadLibraryA
lstrcpynA
HeapDestroy
IsDBCSLeadByte
GetLastError
lstrcmpiA
LoadLibraryExA
SizeofResource
FindResourceA
LoadResource
GetModuleFileNameA
FreeLibrary
WideCharToMultiByte
lstrlenW
GetShortPathNameA
MultiByteToWideChar
InitializeCriticalSection
InterlockedDecrement
EnterCriticalSection
DisableThreadLibraryCalls
CreateFileA
GetFileSize
ReadFile
CloseHandle
lstrcatA
lstrlenA
IsBadWritePtr
HeapCreate
VirtualFree
LCMapStringW
ExitProcess
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
HeapFree
RtlUnwind
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
VirtualAlloc
IsBadReadPtr
IsBadCodePtr
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
FlushFileBuffers
SetStdHandle
SetUnhandledExceptionFilter

user32

ReleaseDC
GetDC
CharNextA

gdi32

GetEnhMetaFileHeader
GetPolyFillMode
LPtoDP
GetObjectA
DeleteEnhMetaFile
GetCurrentObject
CreateCompatibleDC
CreateCompatibleBitmap
PlayEnhMetaFileRecord
EnumEnhMetaFile
DeleteObject
SelectObject
GetMetaFileA
GetMetaFileBitsEx
DeleteDC
DeleteMetaFile
GetEnhMetaFileA
CopyEnhMetaFileA
SetWinMetaFileBits

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleGetClipboard
ReleaseStgMedium
CoCreateInstance

oleaut32

VarUI4FromStr
VariantInit
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
SysAllocStringLen
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cede0615a9b7de340f33c09773d48710

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 5KB