2db6c1d17269a6122f613ebcba9ef3210a466b5e1e24bac6bfb2cedafa5c2ec7_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2db6c1d17269a6122f613ebcba9ef3210a466b5e1e24bac6bfb2cedafa5c2ec7_NeikiAnalytics.exe
Size

168KB
MD5

44873820efba90c036001067241afbe0
SHA1

1346d997c9622c0b868fb44e9f3da80b77b5493c
SHA256

2db6c1d17269a6122f613ebcba9ef3210a466b5e1e24bac6bfb2cedafa5c2ec7
SHA512

8b947e149255c110bcc0575e5065af2118b84881da8007f783052af504a78cb9d8e2ec12ed665d698bd215d0ee21a4b1bd96f5d4f19f05614cf61aa8c8d1f568
SSDEEP

3072:yCChYzpwxLfJsHd+grNMiYm6piiso28fatJqUUqKCNdKDJ1:OfW93r9OpRrtfiBUWLKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db6c1d17269a6122f613ebcba9ef3210a466b5e1e24bac6bfb2cedafa5c2ec7_NeikiAnalytics.exe

Files

2db6c1d17269a6122f613ebcba9ef3210a466b5e1e24bac6bfb2cedafa5c2ec7_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

8894d0529626986dbc1b47eaa89f265b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileSectionA
Sleep
CreateDirectoryA
GetModuleFileNameA
CopyFileA
WinExec
GetModuleHandleA
WriteProcessMemory
ReadProcessMemory
MapViewOfFile
CreateFileA
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReadFile
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RtlUnwind
OpenProcess
MultiByteToWideChar
SetLastError
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetACP
GetLastError
CloseHandle
GetVersionExA
GetSystemInfo
LoadLibraryA
WideCharToMultiByte
CreateFileMappingA
GetOEMCP
FindFirstFileA
GetProcAddress
LoadLibraryExA
FreeLibrary
FindClose

user32

SendMessageA
SetParent
IsZoomed
RegisterClassExA
PostQuitMessage
ClientToScreen
LoadCursorA
FindWindowA
ReleaseDC
DestroyIcon
CreateIcon
GetSystemMetrics
LoadBitmapA
GetDC
InvalidateRect
SetForegroundWindow
BeginPaint
SetTimer
SetWinEventHook
KillTimer
UnhookWinEvent
SystemParametersInfoA
SetWindowPos
GetWindowRect
GetCursorPos
GetClientRect
GetDesktopWindow
PostMessageA
GetMessageA
TranslateMessage
DispatchMessageA
TranslateAcceleratorA
EnumChildWindows
EndPaint
GetWindowTextA
DefWindowProcA
CreateWindowExA
SetActiveWindow
SetFocus
IsWindowVisible
EnumWindows
GetKeyboardState
CopyIcon
GetClipCursor
GetFocus
DrawIconEx
DrawTextA
DestroyCursor
UnregisterClassA
LoadAcceleratorsA
LoadStringA
RegisterHotKey
GetDlgItemTextA
SetScrollInfo
GetScrollInfo
UnregisterHotKey
EnableWindow
GetParent
SetDlgItemTextA
MessageBoxA
GetDlgItem
GetWindow
GetClassNameA
GetWindowThreadProcessId
LoadImageA
DestroyWindow
SetCursor
ClipCursor
ReleaseCapture
RedrawWindow
BringWindowToTop
IsIconic
ShowWindow
IsWindow
SetCapture
TrackMouseEvent
GetWindowLongA
LoadIconA
SetWindowLongA

gdi32

DeleteDC
GetDeviceCaps
SelectObject
OffsetClipRgn
SetTextColor
GetStockObject
DeleteObject
GetBitmapBits
BitBlt
CreateBitmap
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
StretchBlt
SetStretchBltMode
CreateHalftonePalette
CreatePalette
GetDIBColorTable
Rectangle
CreateBrushIndirect
SetBkColor
SetMapMode
BeginPath
EndPath
SelectClipPath
DPtoLP
GetMapMode
SetBkMode
TextOutA
CreatePen
Polyline

comdlg32

ChooseColorA
GetOpenFileNameA

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegSetValueA
RegEnumValueA
GetUserNameA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA

shell32

SHGetMalloc
DragFinish
SHGetSpecialFolderLocation
SHChangeNotify
ExtractIconA
DragQueryFileA
Shell_NotifyIconA
DragQueryPoint

ole32

CoInitialize
CoCreateInstance
CoUninitialize

comctl32

PropertySheetA

shlwapi

SHDeleteKeyA

imagehlp

MapFileAndCheckSumA

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8894d0529626986dbc1b47eaa89f265b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

imagehlp

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 12KB - Virtual size: 11KB