6d5b319158d6ecee0dbaf4e37a688715b97adf62fe1e9e2049238c3dc5976907_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6d5b319158d6ecee0dbaf4e37a688715b97adf62fe1e9e2049238c3dc5976907_NeikiAnalytics.exe
Size

260KB
MD5

1369fc424e45835d150d104f822da430
SHA1

e593ab282aec996e8bc4b59d79a7f1df922f0660
SHA256

6d5b319158d6ecee0dbaf4e37a688715b97adf62fe1e9e2049238c3dc5976907
SHA512

d7ca3ce7f51be40035a8547e87d8209c75071f26cb76349b7bb8b28f6b4e7de4d924581c7b6459cd3411e7faf193752d214a90602b68dee9c893f704d88d12f2
SSDEEP

3072:3umsAU5kYxX9Ap2ZbpQaryIdNN6TTvKq+8UrNR5G2cZDZERQS+ohLgsvf6f:13U6YxNAOdQa22NGjKqQG2clZFsv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d5b319158d6ecee0dbaf4e37a688715b97adf62fe1e9e2049238c3dc5976907_NeikiAnalytics.exe

Files

6d5b319158d6ecee0dbaf4e37a688715b97adf62fe1e9e2049238c3dc5976907_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

2eb449c942f5e375e055f02c5cf1c6e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitThread
TerminateProcess
RaiseException
GetACP
ExitProcess
CreateThread
HeapSize
HeapDestroy
HeapCreate
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LockFile
IsBadWritePtr
RtlUnwind
CompareStringA
CompareStringW
SetEnvironmentVariableA
FormatMessageA
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
UnhandledExceptionFilter
GetFileType
SetEndOfFile
VirtualLock
VirtualUnlock
VirtualFree
CreateEventA
ResetEvent
WaitForSingleObject
GetVersion
GetProcessHeap
HeapAlloc
HeapFree
CreateFileA
DeviceIoControl
GetCurrentDirectoryA
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetLastError
UnlockFile
WriteFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
ReadFile
GetCurrentProcess
IsBadReadPtr
SetErrorMode
GetProfileStringA
WritePrivateProfileStringA
GetThreadLocale
SizeofResource
GetOEMCP
GlobalFlags
GetCPInfo
GetProcessVersion
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
DeleteCriticalSection
TlsFree
GlobalHandle
LocalFree
TlsAlloc
InitializeCriticalSection
SuspendThread
LocalAlloc
GlobalFree
SetEvent
SetThreadPriority
ResumeThread
lstrcmpA
GetModuleFileNameA
GlobalAlloc
GlobalLock
GetCurrentThread
lstrcpynA
SetLastError
GlobalUnlock
MulDiv
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
InterlockedDecrement
InterlockedIncrement
lstrcatA
LoadResource
LockResource
lstrcmpiA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
Sleep
lstrcpyA
GetModuleHandleA
IsBadCodePtr
VirtualAlloc
SetStdHandle
FreeEnvironmentStringsA
GetVersionExA

user32

CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
GetDesktopWindow
PtInRect
GetClassNameA
DestroyMenu
LoadStringA
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
InflateRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
SetRect
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
InvalidateRect
SetRectEmpty
CopyRect
MessageBeep
GetNextDlgGroupItem
SetCursor
LoadBitmapA
FillRect
DrawEdge
LoadIconA
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
CharLowerA
GetSystemMetrics
EnableWindow
GetParent
GetFocus
KillTimer
SetTimer
RedrawWindow
IsWindowVisible
ClientToScreen
GetClientRect
GetWindowRect
DrawTextA
GetKeyState
GetClassInfoA
DefWindowProcA
LoadCursorA
GetCursorPos
GetSysColor
IsWindow
HideCaret
ShowCaret
UnregisterClassA
DrawFocusRect
DefDlgProcA
ExcludeUpdateRgn
IsWindowUnicode

gdi32

IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ScaleWindowExtEx
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetMapMode
PatBlt
Escape
GetTextColor
DPtoLP
LPtoDP
GetBkColor
CreateDIBitmap
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetMapMode
SetViewportOrgEx
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
StretchBlt
CreateFontIndirectA
GetObjectA
CreateCompatibleBitmap
DeleteObject
CreateCompatibleDC
GetCurrentObject
SetBkMode
CreateSolidBrush
SetTextColor
DeleteDC
BitBlt
PlgBlt
GetPixel
SetPixel
GetTextExtentPoint32A
SelectObject
GetStockObject
GetTextExtentPointA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CoRevokeClassObject
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2eb449c942f5e375e055f02c5cf1c6e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 24KB - Virtual size: 20KB