06ea75c1f0234754a69c85590d643754378c656fa17dbc8ba62f37a434400b8f_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

06ea75c1f0234754a69c85590d643754378c656fa17dbc8ba62f37a434400b8f_NeikiAnalytics.exe
Size

30KB
MD5

168b42f951267976f52baf22f99a2ff0
SHA1

04c254cb68c0d6bd7995fda327d3c6fe49d3b735
SHA256

06ea75c1f0234754a69c85590d643754378c656fa17dbc8ba62f37a434400b8f
SHA512

127bedd567e36238bcb746cab5dcfe21fe4ee49578a638f196a8f654a8efed3e69efc60efed474ddaf597c492c8065dd0825dffad70b49aca85cee1e118a12cf
SSDEEP

768:gQ3n4ZtMHykJk+1ALBCGgF2NuC9IuSLe:TvYB1gsNdIuo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ea75c1f0234754a69c85590d643754378c656fa17dbc8ba62f37a434400b8f_NeikiAnalytics.exe

Files

06ea75c1f0234754a69c85590d643754378c656fa17dbc8ba62f37a434400b8f_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

133920d15d1c227166476a5c577a7a63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

gdi32

GetTextMetricsA
SelectObject
ExtTextOutA

kernel32

GetFileTime
GetModuleFileNameA
FileTimeToSystemTime
GetDateFormatA
CloseHandle
OpenFile
DeleteCriticalSection
WaitForSingleObject
GetProcAddress
LoadLibraryA
EnterCriticalSection
GetFileSize
GetLocaleInfoA
lstrcatA
GetEnvironmentVariableA
GetSystemDirectoryA
lstrcmpiA
GlobalLock
GlobalReAlloc
GlobalFlags
GlobalUnlock
GlobalAlloc
GlobalFree
lstrlenA
lstrcpyA
FreeLibrary
InitializeCriticalSection
CreateEventA
SetEvent
LeaveCriticalSection
GetStartupInfoA
GetModuleHandleA

user32

GetClientRect
GetParent
MapWindowPoints
EnumChildWindows
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
InflateRect
GetClassNameA
SetWindowPos
RemovePropA
CallWindowProcA
BringWindowToTop
MoveWindow
DestroyWindow
MessageBeep
GetPropA
GetKeyState
ShowWindow
SetPropA
GetWindowTextA
PostQuitMessage
PostMessageA
SendMessageA
LoadCursorA
DefWindowProcA
LoadIconA
GetMessageA
RegisterClassA
CreateDialogParamA
DispatchMessageA
IsDialogMessageA
TranslateMessage
GetDC
GetWindowLongA
SetWindowLongA
EndDialog
ReleaseDC
CopyRect
IsDlgButtonChecked
GetDlgItem
EnableWindow
SetFocus
LoadStringA
wsprintfA
GetDlgItemTextA
MessageBoxA
DialogBoxParamA
UpdateWindow

msvcrt

_strrev
_strupr
strcpy
strcmp
_controlfp
_except_handler3
__p__fmode
__p__commode
__set_app_type
__setusermatherr
_initterm
_adjust_fdiv
_acmdln
exit
__getmainargs
_exit
memmove
_XcptFilter
strncmp
memcpy
_strnicmp
_findclose
_findnext
_findfirst
malloc
_beginthread
_endthread
memset
strtok
strcat
strlen
_strlwr
_stricmp
free
strstr

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegDeleteValueA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.spm
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

133920d15d1c227166476a5c577a7a63

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

user32

msvcrt

advapi32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 12B

.data Size: 1KB - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.spm Size: - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 12B

.data
Size: 1KB - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.spm
Size: - Virtual size: 4KB