32e276a69652a8a5bbec21b17368a800_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

32e276a69652a8a5bbec21b17368a800_NeikiAnalytics
Size

908KB
MD5

32e276a69652a8a5bbec21b17368a800
SHA1

ef5e8d921c10afb518d3884c37ae54877d23491a
SHA256

10be7ef95b1204e639077b26c3ac3415162bb1a75d98e3e2f0b5603ec1cf3c13
SHA512

7dc562468cc14f0cd7bf2dbabe4048a2a40caaf50a10d13c48e43b5cb0c338481f2447d70d3eae2508b0dff508a18c4ffd8d0b71eaa233ed94a055be4d365070
SSDEEP

24576:iznaW6rb90v5rDaRNmeO+2igAP4Wg0ldOaWOzO0vCnJvEGjDU81H/J3VRamxKUwm:izcUrDaRNmeO+2ige4ZqdOaWOzOcC9Eu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32e276a69652a8a5bbec21b17368a800_NeikiAnalytics

Files

32e276a69652a8a5bbec21b17368a800_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

220754ce6d3864f3bddd43a5e0513f11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

powrprof

CallNtPowerInformation
SetActivePwrScheme
GetActivePwrScheme
GetCurrentPowerPolicies
ReadGlobalPwrPolicy

shlwapi

PathCombineW
PathRenameExtensionW
PathRemoveFileSpecW
PathFindExtensionW
PathGetDriveNumberW
PathStripToRootW
PathFindFileNameW
PathRemoveExtensionW
PathAddBackslashW
PathFileExistsW
PathAppendW
UrlUnescapeW

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr71

_strnicmp
fputws
_wtoi
_resetstkoflw
fclose
_wcsupr
time
wcsstr
_wsplitpath
_vscwprintf
vswprintf
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
wcscat
wcsncpy
_beginthread
wcscmp
_purecall
memmove
??_V@YAXPAX@Z
realloc
wcschr
wcscpy
wcslen
_stricmp
_wcsicmp
__CxxFrameHandler
??3@YAXPAX@Z
_except_handler3
_CxxThrowException
free
malloc
strncpy
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
strtok
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
??1type_info@@UAE@XZ
_callnewh
memset
wcstoul
wcsspn
_endthread
_strtoi64
atoi
srand
rand
swprintf
_wmakepath
wcscspn
wcsncat
_strlwr
strncmp
_ultoa
fopen
_wmkdir
_mkdir
_wfopen
toupper
_wcsnicmp
_time64
wcstok
fsetpos
fseek
ftell
fread
strstr
fwrite
wcstol
_wcslwr
sprintf
fgetws
_amsg_exit

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_Draw
ImageList_Add
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_GetImageInfo
ImageList_Merge
ImageList_Destroy
ImageList_BeginDrag
ImageList_DragEnter
ImageList_LoadImageW
ImageList_Create
ImageList_ReplaceIcon
PropertySheetW
_TrackMouseEvent
ord17
ImageList_GetIcon

winmm

mixerSetControlDetails
mixerGetDevCapsA
mixerOpen
mixerGetID
mixerGetNumDevs
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mmioClose
mmioDescend
mmioOpenW
mciSendCommandA
timeGetTime

gdiplus

GdipCreateBitmapFromFileICM
GdiplusStartup
GdiplusShutdown
GdipFree
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

kernel32

GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetSystemTime
LoadLibraryA
GetFileSize
ReadFile
WriteFile
_llseek
GetVersionExA
GetSystemPowerStatus
IsBadReadPtr
IsBadWritePtr
GetThreadLocale
GetLocaleInfoA
GetACP
GetUserDefaultLCID
EnumResourceLanguagesW
GetVersion
CreateFileA
DeviceIoControl
SetThreadExecutionState
GetLocalTime
SystemTimeToFileTime
InterlockedExchange
GlobalHandle
GlobalFree
FindClose
GlobalLock
GlobalUnlock
MulDiv
SetLastError
HeapFree
GlobalAlloc
SetErrorMode
GetCommandLineW
lstrlenA
InterlockedDecrement
SetEvent
InterlockedIncrement
CreateThread
GetCurrentThreadId
HeapDestroy
HeapReAlloc
HeapSize
ExitProcess
GetStartupInfoA
GetCurrentProcessId
GetSystemTimeAsFileTime
GetDriveTypeA
VirtualFree
VirtualAlloc
ResetEvent
CreateEventA
QueryDosDeviceA
GetTickCount
QueryPerformanceCounter
SetEndOfFile
Process32FirstW
Process32NextW
Sleep
FreeLibrary
WaitForSingleObject
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
GetProcessHeap
HeapAlloc
GetCurrentProcess
FlushInstructionCache
GetLastError
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException

user32

CheckMenuItem
EnableMenuItem
GetCursorPos
CreatePopupMenu
DeleteMenu
SetCursor
GetSysColorBrush
DrawIcon
MapWindowPoints
ScreenToClient
FrameRect
GetDlgCtrlID
EnumChildWindows
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
GetKeyState
IsDlgButtonChecked
CheckRadioButton
DestroyIcon
TrackPopupMenu
MonitorFromPoint
wsprintfA
GetMenuItemCount
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
ClientToScreen
GetAsyncKeyState
SetRect
InflateRect
IsRectEmpty
PostQuitMessage
ShowCursor
UnionRect
GetUpdateRgn
SetWindowRgn
DrawIconEx
GetSubMenu
RemoveMenu
DestroyMenu
SetParent
UpdateWindow
IsZoomed
IsIconic
CopyRect
MapDialogRect
SetWindowContextHelpId
GetActiveWindow
SetTimer
KillTimer
RedrawWindow
DestroyAcceleratorTable
GetDlgItem
SetFocus
GetFocus
IsChild
GetWindow
BeginPaint
EndPaint
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
FillRect
SetCapture
ReleaseCapture
GetSysColor
GetParent
IsWindowVisible
ShowWindow
GetClientRect
BringWindowToTop
IntersectRect
OffsetRect
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
GetDesktopWindow
TranslateMessage
DestroyWindow
IsWindow
EndDialog
GetSystemMetrics
GetWindowRect
SetWindowPos
ExitWindowsEx
MoveWindow

gdi32

OffsetClipRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
CombineRgn
SaveDC
SetGraphicsMode
ModifyWorldTransform
SetViewportOrgEx
SetWindowOrgEx
DPtoLP
RestoreDC
CreateDIBSection
SetStretchBltMode
StretchBlt
SetBkMode
SetTextColor
SetDIBColorTable
CreateSolidBrush
GetStockObject
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
CreateBitmap
SetBkColor
OffsetRgn
LPtoDP
GetRegionData
ExtCreateRegion
CreatePolygonRgn
RectInRegion
PtInRegion
GetDIBColorTable
SelectClipRgn
CreatePen
MoveToEx
LineTo
Rectangle
GetRgnBox

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
CommandLineToArgvW
SHGetMalloc
DragFinish
SHGetDesktopFolder
DragAcceptFiles

ole32

CreateClassMoniker
StringFromCLSID
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
CoCreateInstance
StringFromGUID2
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemFree
GetRunningObjectTable

oleaut32

VariantInit
DispCallFunc
VariantChangeType
SysAllocStringByteLen
VariantCopy
VarCmp
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysStringLen
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
VariantClear
SysFreeString

Sections

.text
Size: 564KB - Virtual size: 561KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

220754ce6d3864f3bddd43a5e0513f11

Headers

File Characteristics

Imports

powrprof

shlwapi

msvcp71

msvcr71

msimg32

comctl32

winmm

gdiplus

urlmon

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 564KB - Virtual size: 561KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 24KB - Virtual size: 28KB

.rsrc Size: 220KB - Virtual size: 216KB

.text
Size: 564KB - Virtual size: 561KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 24KB - Virtual size: 28KB

.rsrc
Size: 220KB - Virtual size: 216KB