d4ac478cbd3065d66ca26e92ee9488e0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

d4ac478cbd3065d66ca26e92ee9488e0_NeikiAnalytics
Size

922KB
MD5

d4ac478cbd3065d66ca26e92ee9488e0
SHA1

8785acc88f4eb9037d29753bce7cc26e7c8af4b7
SHA256

459b87914eeb4eb0efdf701d80452643fcc4dd3adce06137b54c3ba4c5c2243f
SHA512

c58ebe49ef6206e7d2872337b05b26fa5e14bf46fcc83f65a70294c05774e068d0c85171eb067b4e210890cd2b133d1db52eeef3d2727e4c5fca9055a802235d
SSDEEP

12288:a7VtpPhBoj3YzJGOiJ6ZpFpERoBqPU8hr/2uv:a7VXPhBoj3WGOi4p4yIR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ac478cbd3065d66ca26e92ee9488e0_NeikiAnalytics

Files

d4ac478cbd3065d66ca26e92ee9488e0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

977b5312270b6913405c153cffbc6866

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCreateKeyA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
CreateFileA
CreateFileW
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
HeapValidate
LCMapStringA
LoadLibraryA
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetFileTime
SetHandleCount
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

wsock32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
closesocket
connect
gethostbyname
getpeername
getsockname
htonl
htons
ioctlsocket
inet_ntoa
ntohl
ntohs
recv
select
send
socket

comctl32

ord17

gdi32

BitBlt

shell32

ShellExecuteA

user32

BeginPaint
CheckDlgButton
CheckRadioButton
ClientToScreen
CloseClipboard
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EndDialog
EndPaint
EnumThreadWindows
GetActiveWindow
GetAsyncKeyState
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDlgItemTextA
GetForegroundWindow
GetWindowTextLengthA
LoadBitmapA
LoadCursorA
LoadIconA
MessageBeep
MessageBoxA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetCapture
SetClassLongA
SetCursor
SetCursorPos
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetWindowPos
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage
UnregisterClassA
UpdateWindow
WindowFromPoint
wsprintfA

ddraw

DirectDrawCreate

dsound

DirectSoundCreate

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook
main_wnd_proc
main_wnd_proc_safe

Sections

.text
Size: 377KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 8.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 414KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

977b5312270b6913405c153cffbc6866

Headers

File Characteristics

Imports

advapi32

kernel32

wsock32

comctl32

gdi32

shell32

user32

ddraw

dsound

Exports

Exports

Sections

.text Size: 377KB - Virtual size: 380KB

.data Size: 97KB - Virtual size: 8.7MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 414KB - Virtual size: 416KB

.reloc Size: 27KB - Virtual size: 28KB

.text
Size: 377KB - Virtual size: 380KB

.data
Size: 97KB - Virtual size: 8.7MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 414KB - Virtual size: 416KB

.reloc
Size: 27KB - Virtual size: 28KB