d4835e292d62c57743382791e7756dc0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

d4835e292d62c57743382791e7756dc0_NeikiAnalytics
Size

206KB
MD5

d4835e292d62c57743382791e7756dc0
SHA1

1d5982b79045e9c41d17dab6a576533d485b1602
SHA256

23292d4544d1c413439a77b7a74cdb47a2946f842f5df3c0d458a0be6f55acc0
SHA512

cf95b5c8c979c8af19a1f5e1d49b3088375bca2063a61df1418b8894b2f4ce48fc8fec9b80fdd77fb5fa0242114d4285ad1eed8a9599c76d609b0720dea205d4
SSDEEP

3072:r1KHQ3z7RAy3cgckt17h57dgLeND0CUZpdHiki39iTjkhhBQCpNXaARSSzPavSl/:RKe3p5h5RkeND0di9ipCPXlRSwgSl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4835e292d62c57743382791e7756dc0_NeikiAnalytics

Files

d4835e292d62c57743382791e7756dc0_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

e0883ed2d75aabb0dbaa9d242b631964

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
SetWindowLongA
SetWindowTextW
GetDesktopWindow
GetWindowTextLengthA
SetWindowTextA
SendMessageA
DialogBoxParamA
GetWindowTextA
MessageBoxW
LoadStringW
LoadStringA
CharPrevA
PeekMessageW
GetSystemMetrics
ExitWindowsEx
DispatchMessageW
CharUpperBuffW
CallWindowProcW
GetKeyboardType
MessageBoxA
CharNextW
SetWindowPos
SystemParametersInfoA
wsprintfA
GetMessageTime
GetMessagePos
GetWindowLongA
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
BringWindowToTop
PostMessageA
ShowWindow
DestroyWindow
KillTimer
SetTimer
SetDlgItemTextA
EndDialog
IsDlgButtonChecked
GetDlgItem

comdlg32

GetFileTitleW

shell32

SHGetFolderPathW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHBrowseForFolderW
CommandLineToArgvW
SHGetSpecialFolderPathW
FindExecutableW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetFileInfoW
ExtractIconW
SHAddToRecentDocs
SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoInitialize

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
AdjustTokenPrivileges

gdi32

DPtoLP
ScaleViewportExtEx
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
GetRgnBox
GetWindowExtEx
GetViewportExtEx
GetClipBox
SetMapMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
GetObjectW
SetBkMode
GetStockObject
DeleteObject
SetTextColor
SelectObject
GetTextColor
GetBkColor
GetMapMode
CreateRectRgnIndirect
CreateFontIndirectW
PtVisible

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathAddBackslashW
PathIsUNCW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

kernel32

GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
VirtualProtect
SizeofResource
SignalObjectAndWait
SetLastError
SetEndOfFile
RemoveDirectoryW
LockResource
LoadResource
GetWindowsDirectoryW
GetVersionExW
GetUserDefaultLangID
ExitThread
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetCPInfo
FormatMessageW
FindResourceW
EnumCalendarInfoW
DeleteFileW
CreateProcessW
CreateFileW
CreateDirectoryW
GetACP
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetVersionExA
GetProcessHeap
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
TlsAlloc
TlsFree
GetOEMCP
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetConsoleCP
FlushFileBuffers
GetFileType
HeapDestroy
HeapCreate
GetTimeZoneInformation
CreateFileA
GetModuleFileNameA
LCMapStringA
LCMapStringW
InitializeCriticalSection
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetCurrentThreadId
VirtualQuery
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetModuleFileNameW
GetLocaleInfoW
FindFirstFileW
FindClose
RtlUnwind
RaiseException
TlsSetValue
TlsGetValue
GetConsoleScreenBufferInfo
GetStdHandle
TerminateProcess
GetProcAddress
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
CopyFileW
LoadLibraryW
GetModuleHandleW
SetEvent
FreeLibrary
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
LocalFree
GetCurrentProcessId
CloseHandle
ReleaseMutex
GetLocaleInfoA
ResetEvent
CreateEventW
lstrlenA
lstrcpynA
lstrcmpiA
lstrcmpA
lstrcatA
WritePrivateProfileStringA
WriteFile
WaitForSingleObject
Sleep
SetFileTime
SetFilePointer
SetFileAttributesA
SetErrorMode
SetCurrentDirectoryA
SearchPathA
RemoveDirectoryA
ReadFile
LocalAlloc

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0883ed2d75aabb0dbaa9d242b631964

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

ole32

advapi32

gdi32

version

shlwapi

winspool.drv

kernel32

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 5KB - Virtual size: 32KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 5KB - Virtual size: 32KB

.rsrc
Size: 3KB - Virtual size: 2KB