ed4ebcf1a903b2d642b24c93066849a0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

ed4ebcf1a903b2d642b24c93066849a0_NeikiAnalytics
Size

3.5MB
MD5

ed4ebcf1a903b2d642b24c93066849a0
SHA1

68fb7dcf2111500a2ac93310538e982619d985f4
SHA256

3d0557474732f34b141f669e6dd2c77516a3428c499a836f40a2480c738585c4
SHA512

17a59d6c639d896f96646d2c4b268bbabce325e6c19d1f8413f0c7af7fb2b0829b00c68a8daca18bf08b27c15b54da1dd0c583045f74c61ac1cae8ce38ead0dd
SSDEEP

98304:TfjDYKEgZvj6mvY7+FusoHWCSmuwT6gNafQvkKz:TfjCivGn7+UsoHWCSRwT6Kh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed4ebcf1a903b2d642b24c93066849a0_NeikiAnalytics

Files

ed4ebcf1a903b2d642b24c93066849a0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

57667c8db8bb51dbd1bd7d19850c11f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetMalloc
SHBrowseForFolderA
ShellExecuteA
SHGetPathFromIDListA

comctl32

ord17

kernel32

CompareStringA
CompareStringW
GetVersionExA
LoadLibraryA
FreeLibrary
GetProcAddress
GetLocaleInfoA
GetExitCodeProcess
ExitThread
GetCommandLineA
GetSystemDefaultLangID
lstrcmpA
lstrcmpiA
VerLanguageNameA
MoveFileA
FindClose
FindNextFileA
CompareFileTime
FindFirstFileA
GetSystemTimeAsFileTime
SetFileAttributesA
GetPrivateProfileStringA
CreateDirectoryA
LocalFree
FormatMessageA
GetSystemInfo
MulDiv
IsValidLocale
GetVersion
GetModuleHandleA
GetFileAttributesA
GetCurrentDirectoryA
FileTimeToLocalFileTime
GetFileTime
IsBadReadPtr
VirtualQuery
FlushFileBuffers
SetEndOfFile
GetDiskFreeSpaceA
GetTempFileNameA
GetCurrentThread
lstrcatA
CreateEventA
QueryPerformanceFrequency
InterlockedDecrement
InterlockedIncrement
CopyFileA
CreateThread
GetExitCodeThread
GetTickCount
GlobalFree
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
ExpandEnvironmentStringsA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
lstrcpyA
GetSystemDirectoryA
SetEnvironmentVariableA
GetLocaleInfoW
GetTimeZoneInformation
SetStdHandle
SetConsoleCtrlHandler
IsBadCodePtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
FatalAppExitA
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
GetStartupInfoA
HeapReAlloc
RtlUnwind
FreeResource
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
SystemTimeToFileTime
SetCurrentDirectoryA
CreateProcessA
WaitForSingleObject
ExitProcess
GetShortPathNameA
GetCurrentProcess
DuplicateHandle
GetThreadContext
VirtualProtectEx
WriteProcessMemory
FlushInstructionCache
SetThreadContext
ResumeThread
DeleteFileA
Sleep
RemoveDirectoryA
IsDBCSLeadByte
SetFilePointer
GetProcessHeap
HeapAlloc
ReadFile
lstrlenW
HeapFree
WriteFile
lstrcpynA
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
lstrlenA
GetLastError
SetLastError
WritePrivateProfileSectionA
GetPrivateProfileSectionA
MoveFileExA
GetDriveTypeA
QueryPerformanceCounter
SetEvent
ResetEvent
SearchPathA
VirtualProtect
GetCurrentProcessId
FindResourceExA
LoadLibraryExA
GetDateFormatA
GetTimeFormatA
GetLocalTime
TerminateProcess
GetProcessTimes
OpenProcess
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
RaiseException
InterlockedExchange
LocalAlloc

user32

LoadImageA
CreateDialogParamA
GetParent
GetWindowTextA
SetCursor
GetWindow
GetDlgItemTextA
SetFocus
SetDlgItemTextA
SetForegroundWindow
SetActiveWindow
GetDlgCtrlID
GetDC
FillRect
GetSysColor
GetSysColorBrush
GetSystemMetrics
SetRect
FindWindowA
IntersectRect
SubtractRect
CreateDialogIndirectParamA
CharNextA
FindWindowExA
IsDialogMessageA
EnableWindow
SendDlgItemMessageA
SendMessageA
GetWindowRect
ScreenToClient
MoveWindow
DestroyWindow
MessageBoxA
WaitForInputIdle
GetWindowLongA
BeginPaint
EndPaint
SetWindowLongA
GetClientRect
ClientToScreen
SetWindowPos
ExitWindowsEx
CharUpperA
RegisterClassExA
InvalidateRect
EnumChildWindows
UpdateWindow
SetPropA
DrawIcon
MapDialogRect
GetClassNameA
CallWindowProcA
RemovePropA
GetPropA
DrawFocusRect
InflateRect
DrawTextA
CopyRect
MapWindowPoints
GetWindowDC
ReleaseDC
EndDialog
SetWindowTextA
GetDlgItem
ShowWindow
DialogBoxIndirectParamA
GetDesktopWindow
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
DefWindowProcA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
wvsprintfA
CharPrevA
IsWindow

gdi32

UnrealizeObject
SelectPalette
RealizePalette
GetSystemPaletteEntries
CreatePalette
CreateHalftonePalette
CreateFontA
GetDIBColorTable
SetTextColor
GetDeviceCaps
CreateSolidBrush
TranslateCharsetInfo
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
SelectObject
DeleteDC
CreateDIBitmap
DeleteObject
GetStockObject
DeleteMetaFile
CreateCompatibleBitmap
CreateDCA
RestoreDC
GetTextExtentPoint32A
SaveDC
CreatePatternBrush
SetMetaFileBitsEx
SetStretchBltMode
SelectClipRgn
CreateRectRgn
SetPixel
PatBlt
PlayMetaFile
SetBkColor
StretchBlt
CreateBitmap
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
SetBkMode
BitBlt

advapi32

OpenThreadToken
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegOpenKeyA
RegEnumKeyA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
AllocateAndInitializeSid
EqualSid
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

ole32

StringFromCLSID
CoCreateInstance
CLSIDFromProgID
ProgIDFromCLSID
CoTaskMemFree
CoInitializeSecurity
CoUninitialize
CoInitialize
CoCreateGuid
CreateItemMoniker
StringFromGUID2
GetRunningObjectTable

oleaut32

SysFreeString
GetErrorInfo
VariantChangeType
VariantClear
SysAllocString
SysStringLen
SysReAllocStringLen
SysAllocStringLen
LoadTypeLi
CreateErrorInfo
SetErrorInfo
RegisterTypeLi

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA
UuidFromStringA

Sections

.text
Size: 648KB - Virtual size: 647KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57667c8db8bb51dbd1bd7d19850c11f9

Headers

DLL Characteristics

File Characteristics

Imports

version

shell32

comctl32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

rpcrt4

Sections

.text Size: 648KB - Virtual size: 647KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 47KB - Virtual size: 62KB

.rsrc Size: 312KB - Virtual size: 311KB

.text
Size: 648KB - Virtual size: 647KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 47KB - Virtual size: 62KB

.rsrc
Size: 312KB - Virtual size: 311KB