6eab679ed2e8e20811ec268fd60d23a0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

6eab679ed2e8e20811ec268fd60d23a0_NeikiAnalytics
Size

488KB
MD5

6eab679ed2e8e20811ec268fd60d23a0
SHA1

b263f140f98e9cd296e00880761cd8c579259ad7
SHA256

8181641ed84852ed058265790327cd8221f278303f3eef656b80fb14154e27a9
SHA512

a4ea7fdcdc90185b05d71f2c1d822c829bfb09572e9b5b72de5f3191bff2e2fd99e8181be658ee78e30078cd4dd96dae5c9a5673df510abaf8ae3f9481d1136f
SSDEEP

12288:jzCC3j4ih1LVoT1hfi1e5Qafy2GhJK0bkGUY7lYX3:vCC3FvkG6X3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6eab679ed2e8e20811ec268fd60d23a0_NeikiAnalytics

Files

6eab679ed2e8e20811ec268fd60d23a0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

171004b59cef85f1a6b4697db3ad4556

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GlobalUnlock
GlobalLock
LocalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
GetFileTime
CreateDirectoryA
GetLocalTime
LockFile
UnlockFile
GetVersionExA
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
CreateThread
TerminateThread
GetTempFileNameA
GlobalFree
GlobalAlloc
LocalAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
DeleteFileA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetFileType
GetStdHandle
SetHandleCount
InterlockedIncrement
InterlockedDecrement
RtlUnwind
DeleteCriticalSection
GetComputerNameA
lstrcpynA
MoveFileExA
CreateProcessA
SetFilePointer
SetFileAttributesA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
CopyFileA
WaitNamedPipeA
Sleep
SetNamedPipeHandleState
lstrcpyA
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetLastError
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
InitializeCriticalSection
GetFullPathNameA
HeapSize
WriteFile
lstrcatA
ReadFile
CreateFileA
GetFileSize
GetLastError
CloseHandle
GetModuleFileNameA
lstrlenA
ExitProcess
GetVersion
GetCommandLineA
GetCurrentProcessId
GetStartupInfoA
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
GlobalSize
VirtualAlloc
VirtualLock
VirtualFree
FindResourceA
LoadResource
LockResource
FreeResource
VirtualUnlock
FlushFileBuffers
SetCurrentDirectoryA
GetDiskFreeSpaceA
GetDriveTypeA
DeviceIoControl
SetVolumeLabelA
GetFileInformationByHandle
DosDateTimeToFileTime
LocalFileTimeToFileTime
TlsAlloc
GlobalHandle
TlsSetValue
TlsFree
TlsGetValue
lstrcmpA
IsBadStringPtrA
QueryPerformanceCounter
IsBadReadPtr
GetCurrentDirectoryA
GetTickCount
GetCurrentThreadId
GetVolumeInformationA
lstrcmpiA
IsDBCSLeadByte
GetFileAttributesA
FileTimeToDosDateTime
GlobalReAlloc
MoveFileA
SetFileTime

user32

IsWindow
CreateWindowExA
SetCursor
DialogBoxParamA
EndDialog
SetWindowTextA
SetForegroundWindow
CharPrevA
CharUpperBuffA
GetActiveWindow
CharLowerA
OemToCharA
OemToCharBuffA
CharToOemA
CharNextA
WaitForInputIdle
EnumWindows
GetWindowThreadProcessId
CharUpperA
SendMessageA
PostMessageA
wsprintfA
GetSystemMetrics
MessageBoxA
SetDlgItemTextA
UpdateWindow
GetMessageA
LoadCursorA
RegisterClassA
DispatchMessageA
ShowWindow
DefWindowProcA
PeekMessageA
TranslateMessage
PostQuitMessage

gdi32

GetStockObject

winspool.drv

ClosePrinter
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
StartDocPrinterA
OpenPrinterA
EnumJobsA

comdlg32

GetSaveFileNameA

ws2_32

gethostname
inet_ntoa
WSAGetLastError
gethostbyaddr
gethostbyname
WSAStartup
ntohl
WSACleanup
recv
send
closesocket
setsockopt
connect
socket
WSASetLastError
htonl
getservbyname
htons
ntohs
getservbyport
shutdown
inet_addr

Sections

.text
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

171004b59cef85f1a6b4697db3ad4556

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

ws2_32

Sections

.text Size: 384KB - Virtual size: 383KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 80KB - Virtual size: 1.3MB

.rsrc Size: 4KB - Virtual size: 920B

.text
Size: 384KB - Virtual size: 383KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 80KB - Virtual size: 1.3MB

.rsrc
Size: 4KB - Virtual size: 920B