c9ad83513abdd72424a3f5e66c1d6a20_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

c9ad83513abdd72424a3f5e66c1d6a20_NeikiAnalytics
Size

7.3MB
MD5

c9ad83513abdd72424a3f5e66c1d6a20
SHA1

38fbaeecc2be28a2353e3e2130d7b9f9221203ca
SHA256

79c3a53b73a6379e0f1cf581e854c5a07e933758510f381a7d3133b8319e5952
SHA512

94bdb1bdb7892d9ceff11899f3885286d0f024d45dde50cf6149e0ee66c9dc4b511ae25d599dc068405e3bb8fc81a041048ea8f95783e9cc3a05bfcf87439400
SSDEEP

49152:esECpXtlgWD2+7uemGBCjJabUIAU8cG0T8ZbPdp2ZlCx1fVlDTan:mCpXtltxhswFT8Pdp2Z+DT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9ad83513abdd72424a3f5e66c1d6a20_NeikiAnalytics

Files

c9ad83513abdd72424a3f5e66c1d6a20_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

977db5dc42b02402aa166f2393bb71a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cc3250

@$bdla$qpv
@$bnwa$qui
@_InitTermAndUnexPtrs$qv
__ErrorExit
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
____ExceptionHandler
__argc
__argv
__argv_default_expand
__assert
__chdrive
__exitargv
__finite
__ftol
__getdrive
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__huge_dble
__isnan
__ltolower
__ltoupper
__matherrl
__setargv
__startup
__streams
__wargv_default_expand
_atol
_ceil
_clock
_close
_dup
_eof
_exit
_exp
_fabs
_fclose
_fflush
_fgetc
_fmod
_fopen
_fprintf
_free
_ftime
_getenv
_isalnum
_isalpha
_isatty
_iscntrl
_isdigit
_isgraph
_islower
_isprint
_ispunct
_isspace
_isupper
_isxdigit
_localtime
_log
_malloc
_memchr
_memcmp
_memcpy
_memmove
_memset
_modf
_pow
_printf
_qsort
_rand
_realloc
_regcomp
_regexec
_regfree
_setmode
_snprintf
_sprintf
_sqrt
_srand
_sscanf
_stat
_strcat
_strchr
_strcpy
_strlen
_strncmp
_strncpy
_strpbrk
_strrchr
_strstr
_strtok
_time
_vfprintf

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegSetValueA
RegSetValueExA

kernel32

AllocConsole
Beep
CloseHandle
CompareFileTime
CreateDirectoryA
CreateFileA
CreateMutexA
CreatePipe
CreateProcessA
DeleteFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeLibrary
FreeResource
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeProcess
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetProcessTimes
GetProfileIntA
GetProfileStringA
GetStdHandle
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnfix
GlobalUnlock
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
LoadResource
LocalFree
LockFile
LockFileEx
LockResource
MoveFileA
MulDiv
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ReleaseMutex
RemoveDirectoryA
SearchPathA
SetConsoleTitleA
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
Sleep
TerminateProcess
UnlockFile
UnlockFileEx
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
WritePrivateProfileStringA
WriteProfileStringA
_hread
_hwrite
_lclose
_lcreat
_llseek
_lopen
_lread
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
GlobalCompact

winspool.drv

ClosePrinter
EndDocPrinter
EndPagePrinter
EnumJobsA
EnumPrintersA
GetPrinterA
OpenPrinterA
StartDocPrinterA
StartPagePrinter
WritePrinter

comctl32

ord17
InitCommonControlsEx

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
FindTextA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PrintDlgA

gdi32

AbortDoc
AddFontResourceA
Arc
BitBlt
Chord
CloseEnhMetaFile
CloseMetaFile
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBitmap
CreateEnhMetaFileA
CreateFontA
CreateHatchBrush
CreateMetaFileA
CreatePalette
CreatePatternBrush
CreatePen
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesA
EnumFontsA
Escape
ExtFloodFill
ExtTextOutA
FloodFill
FrameRgn
GetBkColor
GetCurrentPositionEx
GetDIBits
GetDeviceCaps
GetEnhMetaFileA
GetMapMode
GetMetaFileA
GetMetaFileBitsEx
GetObjectA
GetObjectType
GetPixel
GetStockObject
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetTextExtentPointA
GetTextFaceA
GetTextMetricsA
GetViewportOrgEx
GetWinMetaFileBits
GetWindowOrgEx
LPtoDP
LineTo
MoveToEx
PatBlt
Pie
PlayEnhMetaFile
PlayMetaFile
PolyPolygon
RealizePalette
Rectangle
RemoveFontResourceA
ResetDCA
RestoreDC
RoundRect
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBitsToDevice
SetMapMode
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartPage
StretchBlt
StretchDIBits
TextOutA
UnrealizeObject

shell32

DragAcceptFiles
DragQueryFileA
DragQueryPoint
ExtractIconA
SHBrowseForFolderA
SHGetSpecialFolderLocation
ShellAboutA
SHGetPathFromIDListA

user32

AppendMenuA
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharToOemA
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CloseWindow
CopyRect
CreateAcceleratorTableA
CreateCaret
CreateCursor
CreateDialogIndirectParamA
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
DrawFocusRect
DrawIcon
DrawMenuBar
DrawStateA
DrawTextA
DrawTextExA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassLongA
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetFocus
GetKeyState
GetKeyboardState
GetMenu
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetNextDlgTabItem
GetParent
GetPropA
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
GetWindowWord
HideCaret
HiliteMenuItem
InsertMenuA
InvalidateRect
InvertRect
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
LoadStringA
MapDialogRect
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindowEx
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClassWord
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuInfo
SetParent
SetPropA
SetRectEmpty
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowWord
SetWindowsHookExA
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WaitMessage
WinHelpA
WindowFromPoint
keybd_event
wsprintfA
GetSystemMenu

winmm

sndPlaySoundA

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize
CoTaskMemFree
OleInitialize
OleUninitialize
StringFromCLSID

oleaut32

GetActiveObject
LoadTypeLib
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPutElement
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VarR8FromCy
VarR8FromDec
VariantClear
VariantCopy
VariantInit

odbc32

ord1
ord2
ord3
ord72
ord27
ord8
ord9
ord41
ord10
ord11
ord13
ord14
ord15
ord31
ord16
ord43
ord36
ord45
ord61
ord18
ord39
ord50
ord51
ord54
ord23
ord42

libmysql

ord35
ord36
ord37
ord46
ord47
ord50
ord52
ord53
ord57
ord65
ord68
ord70
ord78
ord79
ord81
ord83
ord85
ord89
ord135
ord137

odbccp32

ord6
ord22

Exports

Exports

__DbgWndProc
__GetExceptDLLinfo
__WndProc
___CPPdebugHook

Sections

.text
Size: 809KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 240KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

977db5dc42b02402aa166f2393bb71a0

Headers

File Characteristics

Imports

cc3250

advapi32

kernel32

winspool.drv

comctl32

comdlg32

gdi32

shell32

user32

winmm

ole32

oleaut32

odbc32

libmysql

odbccp32

Exports

Exports

Sections

.text Size: 809KB - Virtual size: 812KB

.data Size: 6.3MB - Virtual size: 6.3MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 14KB - Virtual size: 16KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 240KB - Virtual size: 244KB

.text
Size: 809KB - Virtual size: 812KB

.data
Size: 6.3MB - Virtual size: 6.3MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 14KB - Virtual size: 16KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 240KB - Virtual size: 244KB