D:\bin\Tools\lolixml2008\Debug\lolixml2008.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 0025c13973078afbde6007ae0479cd50_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 0025c13973078afbde6007ae0479cd50_NeikiAnalytics.exe
Resource: win10v2004-20240226-en
General
- Target: 0025c13973078afbde6007ae0479cd50_NeikiAnalytics
- Size: 7.4MB
- MD5: 0025c13973078afbde6007ae0479cd50
- SHA1: ebfbe5aad223f3edfc354a412102f309e0ad1389
- SHA256: 7c92c70ecbb135de842bf88ac431fc99567a1dcd7cfa65cc2b59f883a188cc92
- SHA512: 4774327a12f634c3168e08c833fb0db573a9efe718e6dccbb95d229fa3f0187a05709b10f2007d6c80230a2d4fded5dfdad38b0bd7506aea466de94f899b12d9
- SSDEEP: 98304:dl6g3CK719v9cchaVkJIgwDLUsM8m/xEhYSqK:PCQwLUsMB/x0q
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 0025c13973078afbde6007ae0479cd50_NeikiAnalytics
Files
- 0025c13973078afbde6007ae0479cd50_NeikiAnalytics.exe (windows:5 windows x86 arch:x86)
  b5a69ddc46f96308babace209fd18325
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetSystemDirectoryA
LoadLibraryA
OpenFileMappingA
GetModuleHandleA
MapViewOfFile
UnmapViewOfFile
FileTimeToLocalFileTime
OpenEventA
LockResource
SizeofResource
CreateFileMappingA
VirtualProtect
LoadResource
WideCharToMultiByte
CreateDirectoryA
GetLastError
lstrlenW
MultiByteToWideChar
VirtualAlloc
VirtualFree
GetModuleFileNameW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetProcAddress
LoadLibraryW
GetLocaleInfoW
GetCurrentThreadId
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
FreeLibrary
GetModuleHandleW
GlobalAlloc
lstrcmpW
GlobalLock
InterlockedExchange
SetLastError
DeactivateActCtx
ActivateActCtx
CompareStringA
CloseHandle
WaitForSingleObject
SetEvent
SuspendThread
CreateEventW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
GetCurrentProcessId
FreeResource
GlobalFree
GlobalUnlock
LocalFree
FormatMessageW
GlobalSize
CopyFileW
MulDiv
SetThreadPriority
GetThreadPriority
ResumeThread
GlobalFindAtomW
GlobalGetAtomNameW
GetVersionExW
CompareStringW
GlobalReAlloc
lstrlenA
GetHandleInformation
DuplicateHandle
GetCurrentProcess
CreateFileW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
MoveFileW
DeleteFileW
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
GetStringTypeExW
GetThreadLocale
lstrcmpiW
GetShortPathNameW
CreateActCtxW
ReleaseActCtx
InterlockedDecrement
GetCurrentDirectoryW
InterlockedIncrement
SetErrorMode
GlobalFlags
lstrcpyW
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileAttributesW
GetAtomNameW
FindResourceW
GetProfileIntW
FileTimeToSystemTime
SystemTimeToFileTime
lstrcpyA
GetFileSizeEx
GetFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesW
GetTempFileNameW
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
GetTempPathW
SearchPathW
GetTickCount
Sleep
PulseEvent
ResetEvent
InitializeCriticalSectionAndSpinCount
FindResourceExW
GetWindowsDirectoryW
GetNumberFormatW
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
WaitForMultipleObjects
LocalUnlock
LocalLock
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RtlUnwind
EncodePointer
DecodePointer
WriteConsoleW
GetFileType
GetStdHandle
IsDebuggerPresent
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapValidate
IsBadReadPtr
ExitProcess
CreateThread
ExitThread
GetModuleFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
VirtualQuery
OutputDebugStringA
OutputDebugStringW
SetStdHandle
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
FatalAppExitA
SetConsoleCtrlHandler
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
LCMapStringW
CreateFileA
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetTimeZoneInformation
SetEnvironmentVariableA
user32
CharUpperW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SendDlgItemMessageW
SendDlgItemMessageA
MonitorFromWindow
GetMonitorInfoW
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpW
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
GetClassLongW
GetClassNameW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongW
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectW
LoadMenuW
ModifyMenuW
InsertMenuItemW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringW
GetTabbedTextExtentW
DrawTextExW
DrawTextW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateW
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
RealChildWindowFromPoint
DestroyAcceleratorTable
OpenIcon
CloseWindow
LoadIconW
LoadCursorW
PostThreadMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
NotifyWinEvent
GetWindowContextHelpId
SendNotifyMessageW
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
IsChild
GetTopWindow
FindWindowExW
FindWindowW
CreateAcceleratorTableW
CopyAcceleratorTableW
ToUnicodeEx
MapVirtualKeyW
ChildWindowFromPointEx
ChildWindowFromPoint
IsIconic
IsZoomed
LoadStringA
PeekMessageA
IsWindowUnicode
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirListW
SetCapture
GetCapture
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
TranslateAcceleratorW
DefFrameProcW
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
DestroyIcon
LoadImageW
MonitorFromPoint
EnumChildWindows
RegisterClipboardFormatW
CopyImage
SetClipboardData
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadAcceleratorsW
DestroyMenu
ReleaseCapture
WindowFromDC
WaitMessage
GetMessageA
DispatchMessageA
SubtractRect
UnionRect
IntersectRect
InflateRect
SetRect
ArrangeIconicWindows
SetWindowRgn
GetWindowRgn
BringWindowToTop
GetWindowRect
GetClientRect
MapWindowPoints
ClientToScreen
ScreenToClient
BeginPaint
EndPaint
GetDC
GetWindowDC
CloseClipboard
EmptyClipboard
SetClassLongW
SetRectEmpty
GetClipboardFormatNameA
GetClipboardFormatNameW
GetDialogBaseUnits
CharNextW
GetKeyNameTextW
UnregisterClassW
DrawIconEx
SetCursorPos
UpdateLayeredWindow
IsCharLowerW
MapVirtualKeyExW
MessageBoxA
GetSystemMetrics
PostQuitMessage
MessageBeep
OffsetRect
SystemParametersInfoW
MapDialogRect
IsWindow
SendMessageW
PostMessageW
TabbedTextOutW
GetFocus
SetMenuItemBitmaps
LoadBitmapW
GetMenuCheckMarkDimensions
DispatchMessageW
TranslateMessage
GetMessageW
ValidateRect
SetWindowsHookExW
GetCursorPos
PeekMessageW
CallNextHookEx
GetKeyState
SetCursor
GetWindowThreadProcessId
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongW
MessageBoxW
GetDlgItem
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
EndDialog
SetWindowContextHelpId
GetWindow
SetWindowPos
GetMenuItemID
InsertMenuW
AppendMenuW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemCount
IsMenu
RemoveMenu
DragDetect
DrawMenuBar
GetSystemMenu
MsgWaitForMultipleObjectsEx
DestroyCursor
GetDoubleClickTime
GetIconInfo
InSendMessage
IsRectEmpty
CopyIcon
PtInRect
CharUpperBuffW
IsClipboardFormatAvailable
DefMDIChildProcW
TranslateMDISysAccel
GetSysColorBrush
HiliteMenuItem
gdi32
DeleteMetaFile
GetTextExtentPointW
GetSystemPaletteEntries
EnumFontFamiliesExW
StretchDIBits
SetDIBColorTable
GetDIBits
CreateDIBSection
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesW
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatW
GetCharABCWidthsFloatW
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocW
GetGlyphOutlineW
GetKerningPairsW
GetFontData
GetCharABCWidthsW
GetOutlineTextMetricsW
ResetDCW
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharacterPlacementW
GetFontLanguageInfo
GetCharWidthW
GetTextCharacterExtra
GetTextMetricsW
GetTextFaceW
GetTextAlign
GetTextExtentPoint32W
TextOutW
ExtFloodFill
FloodFill
SetPixel
GetPixel
StretchBlt
BitBlt
PatBlt
RoundRect
Rectangle
PolyPolygon
Polygon
Pie
Ellipse
Chord
Polyline
Arc
GetCurrentPositionEx
RectVisible
PtVisible
PaintRgn
InvertRgn
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetWorldTransform
GetGraphicsMode
GetMapMode
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetBkColor
UpdateColors
RealizePalette
GetNearestColor
SelectObject
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
CreateCompatibleDC
CreateICW
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateFontW
CreateFontIndirectW
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
GetObjectW
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateBitmap
ExtTextOutW
CloseEnhMetaFile
CreateEnhMetaFileW
CloseMetaFile
CreateMetaFileW
msimg32
AlphaBlend
GradientFill
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
advapi32
OpenThreadToken
RevertToSelf
SetThreadToken
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueW
RegEnumKeyW
RegSetValueW
RegEnumValueW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
shell32
SHAppBarMessage
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHGetMalloc
SHAddToRecentDocs
SHGetFileInfoW
DragAcceptFiles
ShellExecuteW
ShellExecuteExW
ExtractIconW
SHGetPathFromIDListW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_GetIcon
ImageList_GetImageCount
ImageList_DrawEx
shlwapi
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathStripToRootW
ole32
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoRegisterClassObject
CoRevokeClassObject
OleRun
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleQueryCreateFromData
CoMarshalInterface
OleQueryLinkFromData
CoRegisterMessageFilter
OleRegEnumVerbs
OleRegGetMiscStatus
GetClassFile
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleIsRunning
CreateItemMoniker
CreateGenericComposite
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
StgIsStorageILockBytes
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CreateFileMoniker
CoGetMalloc
OleSetMenuDescriptor
OleLockRunning
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
PropVariantCopy
CoDisconnectObject
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CoUnmarshalInterface
CoReleaseMarshalData
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
oleaut32
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
VarBstrFromDec
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
DosDateTimeToVariantTime
VariantCopy
SafeArrayCreate
SafeArrayRedim
SysAllocString
SysFreeString
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
OleCreateFontIndirect
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetElemsize
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
VarBstrFromDate
VarDateFromStr
SysReAllocStringLen
VarDecFromStr
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetLBound
oledlg
OleUIPasteSpecialW
OleUIUpdateLinksW
OleUIEditLinksW
OleUIChangeIconW
OleUIConvertW
OleUIInsertObjectW
OleUIBusyW
gdiplus
GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdipBitmapUnlockBits
GdiplusStartup
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipSetInterpolationMode
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipFree
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdiplusShutdown
odbc32
ord72
ord4
ord48
ord49
ord20
ord117
ord59
ord108
ord44
ord119
ord46
ord12
ord68
ord43
ord141
ord2
ord1
ord23
ord150
ord145
ord51
ord15
ord9
ord14
ord3
ord111
ord18
ord13
ord61
ord5
ord16
ord110
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.textbss Size: - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 6.0MB - Virtual size: 6.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 915KB - Virtual size: 915KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 101KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 298KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ