a8c74b01cd94ce3b1a75a77597cbc3d0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

a8c74b01cd94ce3b1a75a77597cbc3d0_NeikiAnalytics
Size

5.5MB
MD5

a8c74b01cd94ce3b1a75a77597cbc3d0
SHA1

512eb941eb1ade9aad747ee2e8d70ce05f992d28
SHA256

3783f870d88fa5fcf07be0d578a1e13e1b28fdf625eb738dd059ec92883b5baf
SHA512

953a704450182a95c552f977535022dc1db295def30553aa08af71c0dddca6f0219aa3a86b76c1f9189ff06ea9b7046645c14c1106c919d96a5861e3adb705fc
SSDEEP

98304:eVWR/NACeasaT3iZCQoB/KVZVGCEe1exMtR5nDRYeXaQ6:eVWzA3asaT7QnoKTnDXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8c74b01cd94ce3b1a75a77597cbc3d0_NeikiAnalytics

Files

a8c74b01cd94ce3b1a75a77597cbc3d0_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

24d9e427c81229724c83eecd590b63d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
GetThreadSelectorEntry
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLangID
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFileTimeToFileTime
LocalFree
lstrcmpiA
lstrcmpW
lstrlenA
lstrlenW
MapViewOfFile
MoveFileA
MoveFileW
MultiByteToWideChar
OpenFileMappingW
OpenProcess
OutputDebugStringW
PeekNamedPipe
PulseEvent
QueryPerformanceCounter
GetThreadContext
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetProcessAffinityMask
SetStdHandle
SetSystemTime
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
WriteProcessMemory
Process32FirstW
Process32NextW
GetTempPathW
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDirectoryA
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetShortPathNameA
GetProfileStringW
GetProcessHeap
GetProcessAffinityMask
GetProcAddress
GetPriorityClass
GetOverlappedResult
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLongPathNameW
GetLogicalDrives
GetLocalTime
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetDriveTypeW
GetDriveTypeA
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDiskFreeSpaceA
GetDateFormatW
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrencyFormatW
GetCPInfo
GetCommandLineW
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushFileBuffers
FindNextFileW
FindNextFileA
FindNextChangeNotification
FindFirstFileW
FindFirstFileA
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FatalAppExitA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumSystemLocalesA
DuplicateHandle
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
DefineDosDeviceA
CreateThread
CreateSemaphoreW
CreateSemaphoreA
CreateProcessW
CreateProcessA
CreatePipe
CreateNamedPipeA
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
ConnectNamedPipe
CompareStringW
CompareStringA
CloseHandle
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
OpenMutexA
QueryPerformanceFrequency
CreateMutexA

user32

wsprintfA
WindowFromPoint
ValidateRgn
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TrackPopupMenuEx
ToUnicode
ToAscii
SystemParametersInfoW
ShowWindow
SetWindowTextW
SetWindowTextA
SetWindowsHookExW
SetWindowRgn
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetParent
SetMenuItemInfoW
SetFocus
SetDoubleClickTime
SetCursorPos
SetClipboardViewer
SetClipboardData
SetClassLongW
SetCaretPos
SetCaretBlinkTime
SetCapture
SendMessageW
SendMessageTimeoutW
ScrollWindowEx
ScreenToClient
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClipboardFormatW
RegisterClassW
RegisterClassExW
PostThreadMessageW
PostMessageW
PeekMessageW
OpenClipboard
MsgWaitForMultipleObjectsEx
MoveWindow
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyW
MapDialogRect
LoadImageW
LoadIconW
SetForegroundWindow
SendMessageA
FindWindowA
GetSystemMetrics
KillTimer
IsZoomed
IsWindowVisible
IsIconic
IsChild
InvalidateRgn
InvalidateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextA
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetUserObjectInformationW
GetUpdateRect
GetSystemMenu
GetSysColorBrush
GetQueueStatus
GetProcessWindowStation
GetParent
GetMessageW
GetMenu
GetKeyState
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetIconInfo
GetFocus
GetDoubleClickTime
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
GetClipboardFormatNameW
GetClientRect
GetClassNameA
GetClassLongW
GetClassInfoW
GetCaretBlinkTime
GetAsyncKeyState
GetActiveWindow
FindWindowW
FindWindowExW
ExitWindowsEx
EnumWindows
EnumDisplaySettingsW
EnumChildWindows
EndDialog
EnableMenuItem
DrawTextW
DrawTextA
DrawIconEx
DispatchMessageW
DialogBoxIndirectParamW
DestroyWindow
DestroyIcon
DestroyCursor
DestroyCaret
DefWindowProcW
CreateWindowExW
CreateIconIndirect
CreateCursor
CreateCaret
CloseClipboard
ClipCursor
ClientToScreen
CharUpperBuffW
CharUpperBuffA
CharNextExA
EmptyClipboard

gdi32

StretchBlt
StartPage
SetWorldTransform
SetTextColor
SetTextAlign
SetPolyFillMode
SetGraphicsMode
SetBkMode
SelectPalette
SelectObject
SelectClipRgn
SelectClipPath
SaveDC
RestoreDC
ResetDCW
RealizePalette
PtInRegion
PolyBezierTo
OffsetRgn
MoveToEx
LineTo
GetTextMetricsW
GetTextFaceW
GetTextExtentPoint32W
GetStockObject
GetRegionData
GetPaletteEntries
GetOutlineTextMetricsW
GetObjectW
GetObjectA
FillPath
GetNearestPaletteIndex
GetGlyphOutlineW
GetFontData
GetDIBits
GetDeviceCaps
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetBkMode
CreateCompatibleBitmap
ExtTextOutW
ExtCreatePen
EnumFontFamiliesExW
EndPage
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreatePalette
CreateFontIndirectW
CreateEllipticRgn
CreateDIBSection
CreateDCW
CreateCompatibleDC
GdiFlush

winspool.drv

OpenPrinterW
EnumPrintersW
GetPrinterW

advapi32

GetUserNameA
StartServiceW
StartServiceCtrlDispatcherW
SetServiceStatus
SetSecurityDescriptorDacl
SetFileSecurityW
RevertToSelf
ReportEventW
ReportEventA
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegisterServiceCtrlHandlerW
RegisterEventSourceW
RegisterEventSourceA
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA
RegConnectRegistryW
RegConnectRegistryA
RegCloseKey
QueryServiceStatus
QueryServiceConfigW
QueryServiceConfigA
PrivilegeCheck
OpenThreadToken
OpenServiceW
OpenServiceA
OpenSCManagerW
OpenSCManagerA
OpenProcessToken
CopySid
CreateServiceA
CreateServiceW
DeleteService
DeregisterEventSource
DuplicateToken
EqualSid
FreeSid
GetLengthSid
GetTokenInformation
GetUserNameW
ImpersonateLoggedOnUser
ImpersonateNamedPipeClient
InitializeSecurityDescriptor
InitiateSystemShutdownA
LogonUserW
LookupAccountSidA
LookupAccountSidW
LookupPrivilegeValueA

msvcrt

_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_mpeg_7
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

24d9e427c81229724c83eecd590b63d3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 4.0MB

.rsrc Size: 108KB - Virtual size: 106KB

_mpeg_7 Size: 3.1MB - Virtual size: 3.1MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 4.0MB

.rsrc
Size: 108KB - Virtual size: 106KB

_mpeg_7
Size: 3.1MB - Virtual size: 3.1MB