c4315b2654133ee85f6c7124f1122b30_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

c4315b2654133ee85f6c7124f1122b30_NeikiAnalytics
Size

1.3MB
MD5

c4315b2654133ee85f6c7124f1122b30
SHA1

9316c9b4c71fe5f6f79c00cfc0aac73f5d59dfff
SHA256

a6bfef1341997be76f726e0af98b38ec5aeb737492386ba9623f577936db16f8
SHA512

e53dee24d06710feaa3008156765a18d60df513fbe974f9672a36dd987aec89bdda73d76666be37b758d909b2d24424f5155228916cfdb6dad2f5cbfdfbe2c08
SSDEEP

24576:WPtm6Ze9Hj2jxrM1OSMyipmIswDLS9S7lc/q0zrTn9TrBEngloKKZSaq4:WFmlIrLROb9TVEngloKKZSat

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4315b2654133ee85f6c7124f1122b30_NeikiAnalytics

Files

c4315b2654133ee85f6c7124f1122b30_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

5c1a78194001ed5ca9ea33a07bd142fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Projects\BatDll\release\wbcmp44i.pdb

Imports

kernel32

LocalUnlock
LocalLock
GetTickCount
Sleep
GetDiskFreeSpaceA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
WriteFile
GetWindowsDirectoryA
GetDriveTypeA
GetProfileStringA
GlobalReAlloc
GetModuleHandleA
GlobalHandle
HeapSize
RtlUnwind
HeapReAlloc
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
SetErrorMode
LCMapStringW
GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
LoadLibraryA
SearchPathA
GetModuleFileNameA
lstrcatA
GetCommandLineA
GetVersionExA
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
ReadFile
SetFilePointer
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetPrivateProfileStringA
LocalAlloc
LocalFree
CreateFileA
CloseHandle
lstrcmpA
MulDiv
lstrlenA
lstrcpynA
lstrcmpiA
GlobalSize
GlobalAlloc
GetSystemInfo
LCMapStringA
VirtualAlloc
GetProcAddress
GlobalLock
GlobalUnlock
lstrcpyA
GlobalFree
VirtualFree
GetLastError
GetStringTypeA
FreeLibrary

user32

GetKeyState
CharPrevA
DestroyIcon
MessageBoxA
wsprintfA
SetActiveWindow
SetFocus
GetAsyncKeyState
GetWindowLongA
GetCursor
SetCursor
MsgWaitForMultipleObjects
SetTimer
LoadStringA
IsWindowVisible
PeekMessageA
PostQuitMessage
KillTimer
GetSystemMenu
EnableMenuItem
AppendMenuA
PostMessageA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadIconA
RegisterClassExA
GetDesktopWindow
GetWindowRect
IsIconic
ValidateRect
LoadImageA
GetWindowTextA
InvalidateRect
UpdateWindow
GetClientRect
FillRect
GetSystemMetrics
DrawTextA
GetDC
SendMessageA
ReleaseDC
BeginPaint
EndPaint
DefWindowProcA
SetWindowTextA
GetWindowPlacement
SetWindowPlacement
SetWindowPos
ShowWindow
GetSysColor
LoadCursorA
RegisterClassA
CharNextA
GetFocus
GetParent
EnableWindow
CreateWindowExA
GetActiveWindow
DestroyWindow
IsWindow
CharUpperA

gdi32

CreatePalette
SelectPalette
RealizePalette
CreateCompatibleDC
SelectObject
GetObjectA
SetStretchBltMode
SetBrushOrgEx
StretchBlt
DeleteDC
DeleteObject
CreateSolidBrush
CreatePen
GetStockObject
Ellipse
MoveToEx
LineTo
Rectangle
SetBkMode
SetTextColor
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
SetTextJustification
GetDeviceCaps

advapi32

RegDeleteValueA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
GetServiceDisplayNameA
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA
RegSetValueExA
RegCreateKeyExA
RegisterServiceCtrlHandlerA
RegOpenKeyExA

shell32

ExtractIconA
Shell_NotifyIconA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Exports

Exports

MainWndProc
MyBoxWndProc
Parent_ProcessCommand2
WaitShutWndProc

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c1a78194001ed5ca9ea33a07bd142fc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

version

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 7KB - Virtual size: 33KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 7KB - Virtual size: 33KB

.rsrc
Size: 25KB - Virtual size: 25KB