0b6d012c2fa1f6d578461b201fb29ff16282e00ee0f1924df95d609657062b69_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0b6d012c2fa1f6d578461b201fb29ff16282e00ee0f1924df95d609657062b69_NeikiAnalytics.exe
Size

869KB
MD5

d3453dbd9a10f2d84c1e5edce58515c0
SHA1

b3e7b81898b6012a97264f3ca0de58a7b2f1e225
SHA256

0b6d012c2fa1f6d578461b201fb29ff16282e00ee0f1924df95d609657062b69
SHA512

f16d2a97fd31bdd7bb5875dcd9f6eb43645ca58911d88cb5f36f4d1a941c69adf106e3faa3769253640747e8e724e961f1d676eec2498f1e516e9e17b7cab736
SSDEEP

24576:L8iLN7k2W+D7/t1YyI1YyIZ0eCbC+xwp9xwp9dcVjV/kvy8LzHBh6:L8iLN7rD7/t1YyI1YyIZ0eCbC+xwp9xY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b6d012c2fa1f6d578461b201fb29ff16282e00ee0f1924df95d609657062b69_NeikiAnalytics.exe

Files

0b6d012c2fa1f6d578461b201fb29ff16282e00ee0f1924df95d609657062b69_NeikiAnalytics.exe
.dll regsvr32 windows:4 windows x86 arch:x86

a27070539407160f6a16064876e70fed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime
DefDriverProc

kernel32

OpenFileMappingA
GlobalUnlock
GlobalHandle
MapViewOfFile
GlobalAlloc
GlobalFree
GlobalReAlloc
UnmapViewOfFile
CloseHandle
CreateSemaphoreA
CreateFileMappingA
WaitForSingleObject
OutputDebugStringA
Sleep
GetLastError
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
WritePrivateProfileStringA
GetVersion
ReleaseSemaphore
GetSystemDirectoryA
GetModuleFileNameA
GetShortPathNameA
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
VirtualAlloc
VirtualFree
WideCharToMultiByte
GetACP
GetCurrentThreadId
GetVersionExA
DisableThreadLibraryCalls
lstrlenA
InitializeCriticalSection
RtlUnwind
RaiseException
GetCommandLineA
TlsSetValue
TlsAlloc
IsBadReadPtr
GlobalLock
TlsGetValue
ExitProcess
HeapFree
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
WriteFile
IsBadWritePtr
IsBadCodePtr
HeapAlloc
LocalAlloc
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
SetFilePointer
LocalLock
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
FindResourceA
LoadResource
LockResource
FreeResource
EnterCriticalSection
LeaveCriticalSection
LocalHandle
LocalUnlock
LocalFree
TlsFree
SetLastError

user32

PostMessageA
SendMessageA
EnableWindow
GetDlgItem
SetWindowTextA
WinHelpA
ShowWindow
SetFocus
MessageBoxA
SetWindowPos
OffsetRect
MapWindowPoints
GetClientRect
CheckRadioButton
IsRectEmpty
CreateDialogParamA
BeginPaint
wsprintfA
DestroyWindow
DefWindowProcA
LoadStringW
GetDesktopWindow
LoadBitmapA
EndPaint
SetDlgItemTextA
EndDialog
GetDC
ReleaseDC
SetDlgItemInt
CheckDlgButton
GetFocus
GetDlgCtrlID
IsDlgButtonChecked
GetDlgItemInt
GetWindowLongA
SetWindowLongA
wvsprintfA
DialogBoxParamA
LoadStringA
MoveWindow
InvalidateRect
GetWindowRect

gdi32

GetSystemPaletteEntries
BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC

advapi32

RegCreateKeyExA
RegSetValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegCreateKeyA
RegDeleteValueA
RegEnumKeyExA

ole32

CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

oleaut32

LoadTypeLi
RegisterTypeLi

Exports

Exports

AboutDialogProc
ConfigureDialogProc
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
DriverProc

Sections

.text
Size: 500KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a27070539407160f6a16064876e70fed

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 500KB - Virtual size: 500KB

.sdata Size: 45KB - Virtual size: 44KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 46KB - Virtual size: 79KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 166KB - Virtual size: 165KB

.text
Size: 500KB - Virtual size: 500KB

.sdata
Size: 45KB - Virtual size: 44KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 46KB - Virtual size: 79KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 166KB - Virtual size: 165KB