ba2615d64d1b08aa86b7816d45b6109b7eacc4b057e4dc36ea4090a30da40e10_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ba2615d64d1b08aa86b7816d45b6109b7eacc4b057e4dc36ea4090a30da40e10_NeikiAnalytics.exe
Size

144KB
MD5

3e42b8c9796acac325ea56a66d4cef50
SHA1

be051db1dcbdee27214e6d646bb6afb8bb2cd51b
SHA256

ba2615d64d1b08aa86b7816d45b6109b7eacc4b057e4dc36ea4090a30da40e10
SHA512

75bb57a1c88a4200754a9fb25d2cfa8dd79b8738ba2e462bd19c634875af16fbfa67eadbac61e762b61e82a999f8ccf1fbfec8ce42fedffc047c4098a63e7401
SSDEEP

1536:ADgG8OPc06f/v3M1W8+IrozxFeINFeIJQ0HCI822Y53rKEKcNmAw8WjM:A0jOPi/8z+IozZNqOx8fYcEdMHjM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba2615d64d1b08aa86b7816d45b6109b7eacc4b057e4dc36ea4090a30da40e10_NeikiAnalytics.exe

Files

ba2615d64d1b08aa86b7816d45b6109b7eacc4b057e4dc36ea4090a30da40e10_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

c02fb2c309348df8b98a863eeb5b5e23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetLocalTime
SystemTimeToFileTime
GetVersion
GetWindowsDirectoryA
lstrcatA
CreateDirectoryA
OpenMutexA
CreateMutexA
ReleaseMutex
CloseHandle
GetCurrentProcess
WinExec
LocalFileTimeToFileTime
lstrcpyA
WideCharToMultiByte
LocalFree
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetModuleHandleA
InterlockedDecrement
lstrcmpiA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
HeapReAlloc
RaiseException
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA

user32

CharUpperA
KillTimer
SetWindowPos
DestroyIcon
GetDlgItem
DispatchMessageA
TranslateMessage
GetMessageA
LoadStringA
RegisterClassA
LoadIconA
SetWindowTextA
ShowWindow
CreateWindowExA
DefWindowProcA
CreateDialogParamA
SetTimer
FindWindowA
PostQuitMessage
ReleaseDC
GetWindowLongA
SendMessageA
PostMessageA
SetFocus
SetForegroundWindow
wsprintfA
MessageBeep
EndDialog
GetDC
BeginPaint
EndPaint
MessageBoxA
LoadCursorA
SetCursor
GetCursorPos
LoadBitmapA
MoveWindow
GetSystemMetrics

gdi32

BitBlt
DeleteDC
SelectObject
DeleteObject
CreateCompatibleDC

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegFlushKey
RegQueryValueExA
RegSetValueExA

shell32

Shell_NotifyIconA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
VariantClear
SysAllocString

comctl32

InitCommonControlsEx

winmm

timeSetEvent
timeEndPeriod
timeKillEvent
timeBeginPeriod

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c02fb2c309348df8b98a863eeb5b5e23

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 88KB - Virtual size: 84KB