365fa6f40f69b60c74188a8a14540880_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

365fa6f40f69b60c74188a8a14540880_NeikiAnalytics
Size

6.2MB
MD5

365fa6f40f69b60c74188a8a14540880
SHA1

0b2f29cd4c0e4cdb8e085ae524dfec58b3ffdc1b
SHA256

bf91e6af88a23ed29312661393fe219deda93cc322a95499ee9c15067dc745ac
SHA512

b96eec82afca84e0e6d165f2f06298f621214d9a871d2f9c62d4cb868e92a3d99320e16f4f9d44ec0143ef111b648905eb63abe9fc55499672af84dcc280ae8a
SSDEEP

98304:i0SKrVGqfMmsDkJ228qR4xeBImwXpwEpXopiK6W1B/JdPwIHAL3PpxpKqnAefTqm:i0lhc1sQOBUh2BUB0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
365fa6f40f69b60c74188a8a14540880_NeikiAnalytics

Files

365fa6f40f69b60c74188a8a14540880_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

9da655f24635d7946b68fc2027e1a8b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLogicalDriveStringsW
CreateEventW
Sleep
FormatMessageW
GetLastError
GetFileAttributesExW
OutputDebugStringW
SetEvent
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
GetNativeSystemInfo
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
GetProcAddress
ReplaceFileW
ExitProcess
GetModuleHandleW
FreeLibrary
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
CompareStringOrdinal
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileSizeEx
DisconnectNamedPipe
GetFileAttributesW
HeapFree
HeapAlloc
GetFileType
GetStdHandle
ReadConsoleW
GetConsoleMode
SetFilePointerEx
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
RaiseException
InterlockedFlushSList
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetModuleHandleA
UnmapViewOfFile
GetSystemDirectoryW
GetConsoleOutputCP
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
SetFilePointer
SetThreadPriority
WaitForMultipleObjects
GetModuleFileNameW
RemoveDirectoryW
TerminateProcess
GetModuleHandleExW
WriteFile
GetCurrentProcess
TryEnterCriticalSection
FindNextFileW
FindFirstFileW
CancelIo
GetVolumeInformationW
ReadFile
SetThreadAffinityMask
CreateDirectoryW
IsDebuggerPresent
WideCharToMultiByte
DeleteCriticalSection
MultiByteToWideChar
ReleaseMutex
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
WriteConsoleW

user32

PostMessageW
AttachThreadInput
GetWindowThreadProcessId
ReleaseDC
GetDC
GetWindowTextW
SetWindowLongW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
TranslateMessage
SetFocus
EnumWindows
DispatchMessageW
RegisterClassExW
UnregisterClassW
CreateWindowExW
DestroyWindow
GetFocus
SendMessageTimeoutW
DefWindowProcW
GetMessageW
GetWindowLongW
EndPaint
BeginPaint
GetCursorPos
SetCursorPos
GetAncestor
InvalidateRect
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
GetClientRect
SetCursor
ToUnicode
SetClipboardData
SetCapture
DestroyCaret
LoadCursorW
FindWindowW
LoadIconW
GetClipboardData
BringWindowToTop
SetLayeredWindowAttributes
GetMessageTime
GetForegroundWindow
TrackMouseEvent
MapWindowPoints
PeekMessageW
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
DestroyIcon
RedrawWindow
OpenClipboard
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
GetMessagePos
MapVirtualKeyW
FindWindowExW
GetWindowRect
IsWindowVisible
SetWindowPos
MessageBoxW
MonitorFromWindow
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
SendMessageW
EndDialog
SetWindowTextW
MessageBeep
WindowFromPoint
GetWindowPlacement
DestroyCursor
GetKeyboardState
SetCaretPos
GetActiveWindow
ShowWindow
IsWindow
GetAsyncKeyState
GetCapture

gdi32

CreateRectRgnIndirect
CreateRectRgn
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
CreateBitmap
SaveDC
SelectObject
GetKerningPairsW
CreateCompatibleDC
StretchDIBits
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
GetOutlineTextMetricsW
EnumFontFamiliesExW
CreateDIBSection
AddFontMemResourceEx
CombineRgn

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

DragQueryFileW
SHCreateShellItem
SHGetMalloc
SHBrowseForFolderW
SHGetKnownFolderPath
SHParseDisplayName
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteW
ExtractAssociatedIconW

ole32

RevokeDragDrop
CoInitializeEx
RegisterDragDrop
DoDragDrop
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
CoCreateGuid

oleaut32

SafeArrayPutElement
SysAllocString
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData

wininet

HttpSendRequestExW
FtpOpenFileW
InternetConnectW
InternetSetOptionW
HttpEndRequestW
InternetCrackUrlW
InternetWriteFile
InternetCloseHandle
HttpOpenRequestW
InternetOpenW
InternetReadFile
HttpQueryInfoW
InternetSetFilePointer

ws2_32

bind
send
inet_ntoa
recv
inet_addr
htonl
htons
accept
sendto
ioctlsocket
setsockopt
__WSAFDIsSet
WSAStartup
getaddrinfo
select
getsockopt
closesocket
freeaddrinfo

shlwapi

ord172
PathStripToRootW

winmm

timeGetTime
timeKillEvent
timeBeginPeriod

imm32

ImmSetCandidateWindow
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME

Exports

Exports

ExitDll
GetPluginFactory
InitDll
_GetPluginFactory@0

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9da655f24635d7946b68fc2027e1a8b5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

wininet

ws2_32

shlwapi

winmm

imm32

Exports

Exports

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: 64KB - Virtual size: 70KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 131KB - Virtual size: 131KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: 64KB - Virtual size: 70KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 131KB - Virtual size: 131KB