9c8f5b1e92cf02ae9f370ce970c9eed0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

9c8f5b1e92cf02ae9f370ce970c9eed0_NeikiAnalytics
Size

1.3MB
MD5

9c8f5b1e92cf02ae9f370ce970c9eed0
SHA1

ba8c530707f9fc68babf1080974792e17106f34d
SHA256

ace231aad96e50975f92e74f82971d54ea418622c12756451d0c3b2f73dd6419
SHA512

1a81e44f61d4e41fa76e60da81341bc00bfffe28b8aa057542290b122e0d4a6c356bc49ff9d869d8dfa02b617fe054b804156048a6a9d4ba59e720b8e7fc7604
SSDEEP

24576:WPtmqZe9Hj2jxrM1OSMyipmIswDLS9S7lc/q0zrTn9TrBEngloKKZSaqX7:WFm1IrLROb9TVEngloKKZSaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c8f5b1e92cf02ae9f370ce970c9eed0_NeikiAnalytics

Files

9c8f5b1e92cf02ae9f370ce970c9eed0_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

5c1a78194001ed5ca9ea33a07bd142fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Projects\BatDll\release\wbcmp44i.pdb

Imports

kernel32

LocalUnlock
LocalLock
GetTickCount
Sleep
GetDiskFreeSpaceA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
WriteFile
GetWindowsDirectoryA
GetDriveTypeA
GetProfileStringA
GlobalReAlloc
GetModuleHandleA
GlobalHandle
HeapSize
RtlUnwind
HeapReAlloc
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
SetErrorMode
LCMapStringW
GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
LoadLibraryA
SearchPathA
GetModuleFileNameA
lstrcatA
GetCommandLineA
GetVersionExA
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
ReadFile
SetFilePointer
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetPrivateProfileStringA
LocalAlloc
LocalFree
CreateFileA
CloseHandle
lstrcmpA
MulDiv
lstrlenA
lstrcpynA
lstrcmpiA
GlobalSize
GlobalAlloc
GetSystemInfo
LCMapStringA
VirtualAlloc
GetProcAddress
GlobalLock
GlobalUnlock
lstrcpyA
GlobalFree
VirtualFree
GetLastError
GetStringTypeA
FreeLibrary

user32

GetKeyState
CharPrevA
DestroyIcon
MessageBoxA
wsprintfA
SetActiveWindow
SetFocus
GetAsyncKeyState
GetWindowLongA
GetCursor
SetCursor
MsgWaitForMultipleObjects
SetTimer
LoadStringA
IsWindowVisible
PeekMessageA
PostQuitMessage
KillTimer
GetSystemMenu
EnableMenuItem
AppendMenuA
PostMessageA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadIconA
RegisterClassExA
GetDesktopWindow
GetWindowRect
IsIconic
ValidateRect
LoadImageA
GetWindowTextA
InvalidateRect
UpdateWindow
GetClientRect
FillRect
GetSystemMetrics
DrawTextA
GetDC
SendMessageA
ReleaseDC
BeginPaint
EndPaint
DefWindowProcA
SetWindowTextA
GetWindowPlacement
SetWindowPlacement
SetWindowPos
ShowWindow
GetSysColor
LoadCursorA
RegisterClassA
CharNextA
GetFocus
GetParent
EnableWindow
CreateWindowExA
GetActiveWindow
DestroyWindow
IsWindow
CharUpperA

gdi32

CreatePalette
SelectPalette
RealizePalette
CreateCompatibleDC
SelectObject
GetObjectA
SetStretchBltMode
SetBrushOrgEx
StretchBlt
DeleteDC
DeleteObject
CreateSolidBrush
CreatePen
GetStockObject
Ellipse
MoveToEx
LineTo
Rectangle
SetBkMode
SetTextColor
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
SetTextJustification
GetDeviceCaps

advapi32

RegDeleteValueA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
GetServiceDisplayNameA
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA
RegSetValueExA
RegCreateKeyExA
RegisterServiceCtrlHandlerA
RegOpenKeyExA

shell32

ExtractIconA
Shell_NotifyIconA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Exports

Exports

MainWndProc
MyBoxWndProc
Parent_ProcessCommand2
WaitShutWndProc

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c1a78194001ed5ca9ea33a07bd142fc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

version

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 7KB - Virtual size: 33KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 7KB - Virtual size: 33KB

.rsrc
Size: 25KB - Virtual size: 25KB