055e27da027a23fc17f67fdd7dfa29c840e83e1a135dac45954dfcd6b2bfcd28_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

055e27da027a23fc17f67fdd7dfa29c840e83e1a135dac45954dfcd6b2bfcd28_NeikiAnalytics.exe
Size

133KB
MD5

673e509a8d1cc6d3239021af94296920
SHA1

7dc947b9e42d68acd0fc1da41dcaa089551e723d
SHA256

055e27da027a23fc17f67fdd7dfa29c840e83e1a135dac45954dfcd6b2bfcd28
SHA512

0fdbd178a27dd22e86f3aabfc2dedd075b15450f0541c870091e299b3166cdd9dfa6b93354128aff6d8b5e43db586920e2ba1ee52186721cbf73b14a36cf6d97
SSDEEP

3072:nnsdWfFMsEUf5kTjw8Staszp82+Egsk8z5xuc9f3bj9lFQhZhIO4n0MAIQhxBlnn:VdmE4kp82pgsk8z599KhZhIO4n0MAIQz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
055e27da027a23fc17f67fdd7dfa29c840e83e1a135dac45954dfcd6b2bfcd28_NeikiAnalytics.exe

Files

055e27da027a23fc17f67fdd7dfa29c840e83e1a135dac45954dfcd6b2bfcd28_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

716d64333bc9ae44bf3e8026ee19ce11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\PGPDesktop906src\clients2\sc\sda\Release\PGPsda.pdb

Imports

comctl32

ord17

kernel32

HeapSize
SetEndOfFile
GetSystemInfo
VirtualProtect
GetLocaleInfoA
CreateFileW
InitializeCriticalSection
VirtualQuery
InterlockedExchange
RtlUnwind
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
FlushFileBuffers
WriteFile
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
IsDBCSLeadByteEx
MulDiv
CreateFileA
DeleteFileA
GetFileAttributesA
CreateSemaphoreA
WaitForSingleObject
CloseHandle
CreateThread
lstrcpyA
ReleaseSemaphore
GetProcAddress
FreeLibrary
GetVersionExA
HeapDestroy
LeaveCriticalSection
lstrlenA
LoadLibraryA
GetModuleFileNameA
GetACP
ReadFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
ExitProcess
HeapFree
GetLastError
SetFilePointer
HeapAlloc
HeapReAlloc
CreateDirectoryW
CreateDirectoryA
DeleteFileW
RemoveDirectoryW
RemoveDirectoryA
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
EnterCriticalSection

user32

GetKeyState
RegisterClassA
LoadStringA
MessageBoxW
MessageBoxA
SetWindowPos
GetSystemMetrics
GetWindowRect
DefWindowProcA
UpdateWindow
ShowWindow
SetWindowLongW
GetFocus
GetClientRect
CallWindowProcW
SetCaretPos
DestroyCaret
CreateCaret
ShowCaret
GetWindow
FillRect
GetParent
KillTimer
IsDlgButtonChecked
CheckDlgButton
LoadIconA
SetFocus
CreateWindowExA
GetKeyboardLayout
DialogBoxParamA
EndDialog
IsWindowEnabled
SetForegroundWindow
SetTimer
GetDlgItem
MapWindowPoints
SetWindowTextA
SendDlgItemMessageA
ActivateKeyboardLayout
SendMessageA
GetDC
ReleaseDC
SetWindowLongA
SystemParametersInfoA
GetWindowTextA
GetWindowLongA
CallWindowProcA
IsWindowVisible
BeginPaint
DrawIcon
GetSysColor
EndPaint
InvalidateRect

gdi32

DeleteDC
GetTextMetricsA
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectA
GetDeviceCaps
GetTextExtentPoint32W
ExtTextOutW
BitBlt
SetBkMode
TextOutW
TranslateCharsetInfo
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectA
SelectObject
SetTextColor
SetBkColor
Rectangle
ExtTextOutA

comdlg32

GetSaveFileNameA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

716d64333bc9ae44bf3e8026ee19ce11

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 30KB - Virtual size: 30KB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 30KB - Virtual size: 30KB