92cc933b1e74e88c2a89e60df68bcddcadb0dbcc646ea9b1eae990812ea4aca7_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

92cc933b1e74e88c2a89e60df68bcddcadb0dbcc646ea9b1eae990812ea4aca7_NeikiAnalytics.exe
Size

380KB
MD5

5e4decbddd138f4b7d8cb6fad8882e80
SHA1

683317244a1594e9049f0572ce94de3175d79d55
SHA256

92cc933b1e74e88c2a89e60df68bcddcadb0dbcc646ea9b1eae990812ea4aca7
SHA512

549f5a4c5be7de4809d119a5aa90cefee917429874e0a3f1a1be207e43063cacfab5c39a532fec15249b9a0151c6744fddc865e734a856ed02ecd561ea4f58a6
SSDEEP

6144:hQ/vL2zABdP4U2QrVCacuWFycgGaw8PP2ANDvBDTALc49GS4HqapK/uAMIGEg1Oj:hmvzL4U2QrVCRuW/MDE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92cc933b1e74e88c2a89e60df68bcddcadb0dbcc646ea9b1eae990812ea4aca7_NeikiAnalytics.exe

Files

92cc933b1e74e88c2a89e60df68bcddcadb0dbcc646ea9b1eae990812ea4aca7_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

ddae5bad9c3c71b9466e2020483fa7a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ws2_32

inet_addr
htons
gethostbyname
WSAStartup
ioctlsocket
WSAGetLastError
WSACleanup
recv
send
socket
connect
closesocket

stag320g

ZTagGetUINT

sgdi320g

EndPath
DeleteObject
SetTextAlign
SetTextColor
SetBkMode
GetTextExtentPoint32A
ExtTextOutA
GetCharABCWidthsA
GetDeviceCaps
SelectObject
BeginPath
MoveToEx
LineTo
StrokePath

sddm320g

SDDMLoadString
SDDMGetStdDefaults
SDDMGetPrinterModelIndex
SDDMCreateProfileKey
SDDMProfileSearch
SDDMGetProfileIntArray
SDDMMakeProgress
GetPaperSize
SDDMIsLandscapePaper
SDDMGetPaperAreaAndSize
ReportDimensions
SDDMGetResolutionList
SDDMGetPrinterKeyValue
SDDMGetPrinter
SDDMSetLastError
SDDMFindProfileSection
SDDMGetProfileInt
SDDMWritePrinter

sltsrv0g

SDDMMLTReadWatermark
SDDMMLTGetWatermarkWithID
SDDMMLTCancelWatermark

kernel32

GetLocaleInfoW
LoadResource
FindResourceA
MoveFileA
SizeofResource
InitializeCriticalSection
HeapReAlloc
GetVersion
GetCommandLineA
DeleteCriticalSection
EnterCriticalSection
TlsFree
SetLastError
TlsGetValue
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
TlsSetValue
GetCurrentThreadId
ExitProcess
lstrcatA
lstrcpyA
Sleep
lstrlenA
CloseHandle
WriteFile
CreateFileA
GetLocalTime
HeapFree
HeapAlloc
GetTempFileNameA
GetLastError
GetTempPathA
DeleteFileA
ReadFile
GetFileInformationByHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
MulDiv
FindResourceExA
GetModuleFileNameA
EnumResourceLanguagesA
GetTickCount
lstrcmpA
GetVersionExA
GetProcAddress
LockResource
TlsAlloc
GetModuleHandleA
IsDBCSLeadByte
lstrcpynA
FreeResource
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
lstrcmpiA
GetCPInfo
GetFileSize
IsProcessorFeaturePresent
LeaveCriticalSection
HeapDestroy
GetLocaleInfoA
LCMapStringW
RaiseException
SetEndOfFile
LCMapStringA
InterlockedIncrement
InterlockedDecrement
SetFilePointer

gdi32

EnumFontFamiliesA
CreateFontIndirectA
CreatePen

user32

wsprintfA
MessageBoxA
LoadStringA
ReleaseDC
GetDC

winspool.drv

GetJobA
SetPrinterDataA
ClosePrinter
OpenPrinterA
GetPrinterDataA
GetPrinterA

advapi32

RegQueryValueExA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetFolderPathA

Exports

Exports

DDMCorrectRGB
DDMEEPlot
DDMImfExchangeInfo
DDMLoadTHArray
DDMPageMark
DevParams
GetDefaults
GetOptionList

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BITSA
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddae5bad9c3c71b9466e2020483fa7a3

Headers

File Characteristics

Imports

version

ws2_32

stag320g

sgdi320g

sddm320g

sltsrv0g

kernel32

gdi32

user32

winspool.drv

advapi32

shell32

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 133KB

BITSA Size: 4KB - Virtual size: 1KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 84KB - Virtual size: 196KB

.rsrc Size: 100KB - Virtual size: 98KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 136KB - Virtual size: 133KB

BITSA
Size: 4KB - Virtual size: 1KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 84KB - Virtual size: 196KB

.rsrc
Size: 100KB - Virtual size: 98KB

.reloc
Size: 12KB - Virtual size: 9KB