15977b453a9c09e2f36e5034d6199c9d640af51620b6527d64992a6cb3e3f30c_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15977b453a9c09e2f36e5034d6199c9d640af51620b6527d64992a6cb3e3f30c_NeikiAnalytics.exe
Size

92KB
MD5

9edbf111ff675818cb7683f0257d15a0
SHA1

e064ac08041c1883efc56903d67c280d79682f1d
SHA256

15977b453a9c09e2f36e5034d6199c9d640af51620b6527d64992a6cb3e3f30c
SHA512

6a5bf54a3521bcdcd09fbe1c9f94d99c7beb435f2e29201b8146f2332842082bf5650fc03146b282e1ee21a5feaace666a7486c290323b8267ed8c8696bd2e25
SSDEEP

768:qjj24U+r2V9aKdkjshMFqAVgBl0PrUSmyM1CUj7/B5E/S9zvX:42T+yV9aKdPhAr2j0bgBPCcv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15977b453a9c09e2f36e5034d6199c9d640af51620b6527d64992a6cb3e3f30c_NeikiAnalytics.exe

Files

15977b453a9c09e2f36e5034d6199c9d640af51620b6527d64992a6cb3e3f30c_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

71f10e539e5fc4d5b75076f77facb165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
GetAsyncKeyState
FindWindowA
SetWindowTextA
SetWindowRgn
DialogBoxParamA
EndDialog
GetDlgItem
GetKeyState
LoadIconA
MessageBoxA
SendMessageA
AnimateWindow
GetWindowLongA
GetDC
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
ShowWindow
SetWindowPos
GetWindowRect
SetCapture
ReleaseCapture
RegisterClassExA
GetParent
LoadCursorA
SetWindowLongA

kernel32

LoadResource
Sleep
CreateThread
ExitProcess
FindResourceA
GetModuleHandleA
WriteProcessMemory
LockResource
ResumeThread
SetLastError
SizeofResource
OpenProcess
MulDiv

gdi32

SetTextColor
CreateRoundRectRgn
SelectObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
SetBkMode
SetBkColor

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE