7451b2e116d0a29d33a5c3d289c837f01f0324a66dfda9c302b9d8fac1c15de6_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7451b2e116d0a29d33a5c3d289c837f01f0324a66dfda9c302b9d8fac1c15de6_NeikiAnalytics.exe
Size

172KB
MD5

69ea73c70b38baa3cda1e803bd8e67e0
SHA1

ee177e692388fe6f2568d69703682c366c3791c8
SHA256

7451b2e116d0a29d33a5c3d289c837f01f0324a66dfda9c302b9d8fac1c15de6
SHA512

563848d35d39956207ab4bd9a49d747bd8c6e3fed272715b647a0efef59f079b79494c28d71bee23b15aa657e108962fba4195eae51bac022ff8584505d75a0a
SSDEEP

3072:RO5IcXIwv3eAlyAppnJr8m2lqn8NxaEm+uf5KKdim:RmXIfA8ApphfGEim

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7451b2e116d0a29d33a5c3d289c837f01f0324a66dfda9c302b9d8fac1c15de6_NeikiAnalytics.exe

Files

7451b2e116d0a29d33a5c3d289c837f01f0324a66dfda9c302b9d8fac1c15de6_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

239de31eaf4189c84bc5413d122f606e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord6
ImageList_SetOverlayImage
ImageList_ReplaceIcon
ImageList_Create
ord17
ImageList_LoadImageA
ImageList_Destroy

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
HeapSize
LCMapStringW
LCMapStringA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
SetStdHandle
SetFilePointer
ReadFile
GetCPInfo
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
CreateFileA
GetFileType
CloseHandle
GetLastError
FlushFileBuffers
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
GetVersionExA
GetStartupInfoA
GetCommandLineA
GetCurrentProcessId
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersion
ExpandEnvironmentStringsA
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
GetModuleHandleA
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
SetEndOfFile
DeleteFileA

user32

GetClassInfoA
FindWindowA
PostQuitMessage
GetTopWindow
GetMenuItemInfoA
DefWindowProcA
DrawIconEx
InsertMenuA
DeleteMenu
DialogBoxParamA
GetSysColorBrush
ChildWindowFromPoint
IsDlgButtonChecked
GetDlgItem
EnableWindow
LoadIconA
CheckDlgButton
SendDlgItemMessageA
SetDlgItemTextA
KillTimer
SetTimer
SendMessageA
MoveWindow
CreatePopupMenu
InsertMenuItemA
DestroyMenu
TrackPopupMenu
SystemParametersInfoA
GetIconInfo
CreateIconIndirect
FillRect
FindWindowExA
GetClassNameA
RegisterClassA
LoadMenuA
RegisterWindowMessageA
DispatchMessageA
GetMessageA
GetDlgItemTextA
TranslateMessage
GetClientRect
GetWindowRect
GetClassLongA
SendMessageTimeoutA
LoadStringA
UpdateWindow
DestroyWindow
IsIconic
EndDialog
SetWindowLongA
DrawTextA
SetFocus
SetWindowTextA
MessageBoxA
ShowWindow
SetWindowPos
GetDesktopWindow
IsWindowVisible
wsprintfA
GetWindowTextA
InvalidateRect
LoadCursorA
GetAsyncKeyState
EnableMenuItem
CheckMenuItem
SetCapture
SetCursor
GetWindow
GetCursorPos
WindowFromPoint
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetWindowDC
ReleaseDC
GetMenu
IsWindow
GetSubMenu
PostMessageA
SetForegroundWindow
LoadImageA
DestroyIcon
GetSystemMetrics
MapWindowPoints
CreateWindowExA

gdi32

SetTextColor
SetBkMode
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateDCA
ExtTextOutA
GetObjectA
CreateFontIndirectA
CreatePen
GetStockObject
SelectObject
SetROP2
LineTo
MoveToEx
SetBkColor
DeleteObject

comdlg32

GetSaveFileNameA

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
RegSetValueExA

shell32

Shell_NotifyIconA
ExtractIconExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid
IIDFromString
CoUninitialize
StringFromGUID2

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

239de31eaf4189c84bc5413d122f606e

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 19KB

.rsrc Size: 88KB - Virtual size: 86KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 88KB - Virtual size: 86KB