537b925a0405db45afdf019095128c84d1968db6ffd7b435f08712b806decc58_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

537b925a0405db45afdf019095128c84d1968db6ffd7b435f08712b806decc58_NeikiAnalytics.exe
Size

204KB
MD5

af6e30543b08811a03e76d2e4d824c50
SHA1

b7cf555198cdde8eb5831eb0c61e68ff512894b0
SHA256

537b925a0405db45afdf019095128c84d1968db6ffd7b435f08712b806decc58
SHA512

7c51e76c92526ea2ec8bb251cf2013342650deaf4b27b9c7c1dac1d9528f16c7cf8d7170ce729d5c193069edbdf7dac01e4a6308204e195371b1e7dc0ecb42e3
SSDEEP

3072:OCE7UJckCk+N+o0mFphvZV/jESPeGv/Ry5WzoC1/Kzl7mPgmyISzM:OlKgNC2vT/P5y5HZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
537b925a0405db45afdf019095128c84d1968db6ffd7b435f08712b806decc58_NeikiAnalytics.exe

Files

537b925a0405db45afdf019095128c84d1968db6ffd7b435f08712b806decc58_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

6aacf2844d5c7c3e8f8b7b0c38f41278

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
GetTimeZoneInformation
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetOEMCP
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
GetProcessVersion
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
MulDiv
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynW
SetLastError
GlobalUnlock
GlobalFree
LocalFree
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
CloseHandle
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
WideCharToMultiByte
GetCurrentThread
GetCurrentThreadId
GetLocalTime
GetProcAddress
GetACP
GetModuleHandleW
LoadLibraryW
GetLastError
FindResourceW
LoadResource
LockResource
FreeLibrary
GetVersionExW
GetModuleFileNameW
GetVersionExA

user32

IsDialogMessageW
SetWindowTextW
ShowWindow
CreateDialogIndirectParamW
EndDialog
ClientToScreen
TabbedTextOutW
DrawTextW
GrayStringW
UnregisterClassW
GetClassNameW
PtInRect
LoadCursorW
GetSysColorBrush
LoadStringW
DestroyMenu
CharUpperW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
GetTopWindow
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
LoadIconW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
DefWindowProcW
DestroyWindow
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
GetClientRect
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
SendMessageW
EnableWindow
ReleaseDC
GetDC
PostQuitMessage
PostMessageW
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
UpdateWindow
RegisterClassW
SendDlgItemMessageW
MessageBoxW
SetCursor
GetWindow

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
DeleteObject
CreateFontIndirectW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW

comctl32

ImageList_Destroy
ord17

Exports

Exports

??0CGrdInterface@@QAE@ABV0@@Z
??0CGrdInterface@@QAE@XZ
??1CGrdInterface@@UAE@XZ
??4CGrdInterface@@QAEAAV0@ABV0@@Z
??_7CGrdInterface@@6B@
?ValidateString@CGrdInterface@@UAEHPAG00PAJH@Z
CreateCGrdDlgInstance
DestroyCGrdDlgInstance

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aacf2844d5c7c3e8f8b7b0c38f41278

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 20KB - Virtual size: 16KB