15c6f9a3e72c48b0cf4ed8d149959888efb0b9454c26488e0f0aad80127733c7_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

15c6f9a3e72c48b0cf4ed8d149959888efb0b9454c26488e0f0aad80127733c7_NeikiAnalytics.exe
Size

208KB
MD5

960295dd68607eca9f273a86123c71c0
SHA1

57da503ae7b63163bfe87622c279312aa4bc41bf
SHA256

15c6f9a3e72c48b0cf4ed8d149959888efb0b9454c26488e0f0aad80127733c7
SHA512

1bdc8681e6d128d41d64e083c852742be55306d57a7b729b0072501c1b5bd0f4226ff5145591a6c3286cb90e3e325f2d0a7851633fcc0f81691e17edad040368
SSDEEP

3072:nBIthpKUXav8VDaSGt++MMRX4WAg0FuKl0GrK:nmLpKUXavP90KIWAO1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c6f9a3e72c48b0cf4ed8d149959888efb0b9454c26488e0f0aad80127733c7_NeikiAnalytics.exe

Files

15c6f9a3e72c48b0cf4ed8d149959888efb0b9454c26488e0f0aad80127733c7_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

b30d1d04fdd76fe8d8eff6b9364fadf0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutClose
waveOutUnprepareHeader
waveOutReset
waveOutWrite
waveOutSetVolume
waveOutGetVolume
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
timeGetTime

kernel32

GetLocaleInfoA
SetEndOfFile
RaiseException
HeapSize
CreateProcessA
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
WaitForSingleObject
GetCurrentDirectoryA
lstrcatA
ReleaseMutex
Sleep
LocalFree
CreateFileA
GetFileSize
LocalAlloc
ReadFile
CloseHandle
GetModuleHandleA
GetStringTypeW
FlushFileBuffers
VirtualQuery
InterlockedExchange
HeapReAlloc
VirtualAlloc
SetFilePointer
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
GetLastError
CreateMutexA
GetTickCount
ExitThread
DeleteCriticalSection
SetThreadPriority
CreateThread
InitializeCriticalSection
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
CreateDirectoryA
CreateFileW
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
lstrlenA
lstrcpyA
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
RtlUnwind
GetProcAddress
WriteFile
ExitProcess
TerminateProcess
GetCurrentProcess

user32

PostMessageA
PostQuitMessage
GetClientRect
ClientToScreen
ReleaseDC
LoadIconA
UpdateWindow
GetWindowRect
ShowWindow
CheckMenuItem
SetTimer
KillTimer
EndDialog
InvalidateRect
GetMenu
ScreenToClient
GetCursorPos
ShowCursor
PeekMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
SetCursor
GetForegroundWindow
GetSystemMetrics
GetDC
FillRect
OffsetRect
GetWindowLongA
MessageBoxW
MessageBoxA
CreateWindowExW
CreateWindowExA
RegisterClassExW
DefWindowProcW
RegisterClassExA
DefWindowProcA
DialogBoxParamW
DialogBoxParamA
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
GetDlgItem
SetDlgItemTextW
SetDlgItemTextA
SendMessageW
SendMessageA
SetForegroundWindow
GetDesktopWindow
SetWindowPos
SetFocus
DrawTextA

gdi32

StretchDIBits
SetBkMode
GetStockObject
GetSystemPaletteEntries
SetTextColor
CreateRectRgn
SelectClipRgn
DeleteObject
GetPixel
SetPixel
CreateCompatibleDC
SelectObject
GetObjectA
StretchBlt
CreateICA
GetDeviceCaps
DeleteDC
CreateSolidBrush
CreateFontIndirectA
CreateFontIndirectW
CreateDIBSection

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoInitialize
CoUninitialize

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b30d1d04fdd76fe8d8eff6b9364fadf0

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

ole32

shell32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 1.5MB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 1.5MB

.rsrc
Size: 12KB - Virtual size: 10KB