6798d7b7a28a76d1d8cb8ab9231626f0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

6798d7b7a28a76d1d8cb8ab9231626f0_NeikiAnalytics
Size

384KB
MD5

6798d7b7a28a76d1d8cb8ab9231626f0
SHA1

0b7e8b760194b1caa0e1efcaab0bffe612ed9f84
SHA256

5dc78f2d9d94be3cfeeb915027065276c3df8290ee51bb2b56187b1794aa3e06
SHA512

9367315eee5b51249e956a198aeeea486d628f48210e0c3409295acd5773a21b7fbf1cb0713a8e74f9a87d36bd691814ac4580f62070e52fbb7794757705d50d
SSDEEP

6144:f8FLEakRC3GCmbMrplzeURTQSycsrmLi8rF1k6hQvDWmRlng+n6hzD52/WJa9:f8FLEjHCmbMlwURTQSycsrmLJ1bQLHnd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6798d7b7a28a76d1d8cb8ab9231626f0_NeikiAnalytics

Files

6798d7b7a28a76d1d8cb8ab9231626f0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

9298b74578f46596bc85cd22de644afa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_Remove
ord17
CreateToolbarEx
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Create

ws2_32

WSAStartup
WSCEnumProtocols
WSCGetProviderPath
WSCDeinstallProvider

kernel32

CreateProcessA
Sleep
OpenProcess
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
WaitForSingleObject
ExitThread
InterlockedIncrement
GetModuleFileNameA
InterlockedDecrement
CreateSemaphoreA
InitializeCriticalSection
TlsAlloc
SearchPathA
FindClose
FindNextFileA
FindFirstFileA
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
GlobalAlloc
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
HeapSize
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentThreadId
TlsFree
RaiseException
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
CreateThread
ResumeThread
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
GlobalLock
GlobalUnlock
SetLastError
DeleteFileA
GetPrivateProfileStringA
WriteConsoleW
SetEndOfFile
WriteProfileStringA
WritePrivateProfileStringA
GetProfileStringA
CreateDirectoryA
SetFileAttributesA
MoveFileA
RemoveDirectoryA
GetFileSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetFileAttributesA
GetVersion
GetModuleHandleA
LocalAlloc
lstrcmpA
LocalFree
FormatMessageA
MulDiv
lstrcpyA
lstrlenA
lstrcatA
GetTickCount
CreateFileA
ReadFile
SetFilePointer
WideCharToMultiByte
GetWindowsDirectoryA
ExpandEnvironmentStringsA
TlsSetValue
LoadLibraryA
GetProcAddress
GetLocaleInfoA
GetNumberFormatA
GetCurrentProcess
GetLastError
CloseHandle
TlsGetValue
FreeEnvironmentStringsW
GetConsoleOutputCP

user32

LoadImageA
RegisterClassExA
CreateDialogParamA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DrawMenuBar
RegisterWindowMessageA
PostQuitMessage
InvalidateRgn
DialogBoxParamA
ReleaseCapture
MapWindowPoints
ModifyMenuA
GetSysColorBrush
ChildWindowFromPoint
GetClassNameA
DeferWindowPos
DialogBoxIndirectParamA
InflateRect
LoadStringA
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
OffsetRect
UnionRect
PtInRect
BeginPaint
DrawFrameControl
EndPaint
SetPropA
GetWindowLongA
SetWindowLongA
EnableWindow
EndDialog
TrackPopupMenu
EnableMenuItem
DeleteMenu
GetSubMenu
InsertMenuA
SetDlgItemTextA
EnumDisplaySettingsA
FindWindowA
GetWindowThreadProcessId
SetForegroundWindow
FindWindowExA
WaitForInputIdle
CloseClipboard
OpenClipboard
EmptyClipboard
SetClipboardData
GetMenu
CheckMenuItem
SetWindowTextA
DestroyIcon
LoadIconA
SetWindowPos
GetWindowRect
IsIconic
IsZoomed
GetDlgItem
SetTimer
GetParent
GetCursorPos
CreateWindowExA
CallWindowProcA
GetSysColor
GetClientRect
GetSystemMetrics
IntersectRect
InvalidateRect
GetFocus
GetDC
DrawTextA
ReleaseDC
MoveWindow
ShowWindow
ClientToScreen
ScreenToClient
DestroyWindow
DefWindowProcA
MessageBoxA
PostMessageA
SetFocus
LoadCursorA
SetCursor
SendMessageA
GetPropA

gdi32

GetTextMetricsA
CreateSolidBrush
EndDoc
DeleteObject
GetStockObject
GetObjectA
CreateCompatibleDC
GetDeviceCaps
DeleteDC
CreateFontIndirectA
SetBkColor
ExtTextOutA
StartDocA
GetTextExtentPoint32A
SelectObject
SetMapMode
SetBkMode
EndPage
SetTextColor
StartPage

comdlg32

FindTextA
GetSaveFileNameA
PrintDlgA
ChooseFontA
GetOpenFileNameA

advapi32

AdjustTokenPrivileges
RegOpenKeyExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegEnumKeyA
RegQueryValueA
GetTokenInformation
LookupAccountSidA
EqualSid
FreeSid
AllocateAndInitializeSid
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteValueA
RegLoadKeyA
RegUnLoadKeyA
RegDeleteKeyA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA

shell32

ShellExecuteA
SHGetFileInfoA
ShellExecuteExA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9298b74578f46596bc85cd22de644afa

Headers

File Characteristics

Imports

version

comctl32

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 92KB - Virtual size: 90KB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 92KB - Virtual size: 90KB