3d49a14b22b02eb944a6efb63e0d8d70_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

3d49a14b22b02eb944a6efb63e0d8d70_NeikiAnalytics
Size

316KB
MD5

3d49a14b22b02eb944a6efb63e0d8d70
SHA1

b75a5d6a19d536e74fb26c11d8353cb125e18074
SHA256

4b288808ccd3720b98bf4d28f015e93ee040078186700c2621041739ca09d1d2
SHA512

c13981c522323e2d279e07ddfe2b1ca608e34fcfe904d054b13ba3afb3aed2b2ab7c66ef29659ae8aec3c7ba8d24c34022efe8879a17fb9f5ad8571be5c848d8
SSDEEP

6144:7YbomLHMyV+EN8NrM/w/jVeO8/um0xVamgK:EbomjMshNgMYBet/ECK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d49a14b22b02eb944a6efb63e0d8d70_NeikiAnalytics

Files

3d49a14b22b02eb944a6efb63e0d8d70_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

be1a9f10ef490601be36e1345e860738

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Project\FlyableHeart\program\release\FH.pdb

Imports

kernel32

LoadLibraryExA
CreateSemaphoreA
GetLastError
GetPrivateProfileStringA
OutputDebugStringA
SetCurrentDirectoryA
Sleep
FileTimeToSystemTime
GetFileTime
FileTimeToLocalFileTime
GetLocalTime
LocalAlloc
GetModuleFileNameA
DeleteFileA
CreateFileA
RtlUnwind
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
FreeLibrary
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapReAlloc
FindNextFileA
WriteFile
FindClose
lstrlenA
VirtualAlloc
EnterCriticalSection
SetFilePointer
FindFirstFileA
ReadFile
HeapSize
CloseHandle
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
CreateDirectoryA
GetLogicalDrives
GetDriveTypeA
GetVolumeInformationA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
RaiseException

user32

WINNLSEnableIME
GetWindowTextA
MoveWindow
SetRect
LoadStringA
UnregisterClassA
GetWindowLongA
LoadIconA
CreateWindowExA
RegisterClassA
MessageBeep
GetDlgItem
ShowWindow
SetFocus
DestroyWindow
SendMessageA
DispatchMessageA
DefDlgProcA
IsDialogMessageA
TranslateMessage
SetWindowTextA
UpdateWindow
PostQuitMessage
LoadCursorA
wsprintfA
MessageBoxA
PeekMessageA

gdi32

DeleteObject
CreateFontIndirectA
GetStockObject

shell32

SHGetSpecialFolderPathA
ShellExecuteA

imm32

ImmSetConversionStatus
ImmSetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

timeGetTime

shlwapi

PathRemoveFileSpecA
PathIsDirectoryA
PathFindFileNameA
PathRenameExtensionA

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be1a9f10ef490601be36e1345e860738

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

imm32

winmm

shlwapi

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 96KB - Virtual size: 93KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 96KB - Virtual size: 93KB