92cb8c6d92895350cbe0a2ec3389de70_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

92cb8c6d92895350cbe0a2ec3389de70_NeikiAnalytics
Size

3.8MB
MD5

92cb8c6d92895350cbe0a2ec3389de70
SHA1

eebb3bc0e30b9d427bc403d2cd4b111a93ea8bac
SHA256

4e8077242135e86b36a2bdbe2a8bd641bf9afea222408e94c7113204949690db
SHA512

5e712b3dbb8bc33214f58d85d92d1ed55d5c6d6782d97ab3a67535a81ebc7bd61b01cb546ab010d979a43f273da3316747c757363c52c3aedd12364ee85ddc40
SSDEEP

98304:73oIMcSw1bdA257PThySW9T894g5WRbqZNNOhzDY16kIyS5P3PEZe5ZsqGQo1O50:TScl1bdA257PThySW9TK4g5WxqZNNOh5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92cb8c6d92895350cbe0a2ec3389de70_NeikiAnalytics

Files

92cb8c6d92895350cbe0a2ec3389de70_NeikiAnalytics
.exe windows:1 windows x86 arch:x86

5c6e40b9ffeb2bef61090ac9228156f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

cvirte

CloseCVIRTDll
DiscardBitmap
EnterAsyncCallback
ExitAsyncCallback
GetCtrlAttribute
GetFontTypefaceName
GetFontTypefaceNameLength
GetNumTableColumns
GetNumTableRows
GetTableCellAttribute
GetTableCellVal
GetTableCellValLength
GetTableColumnAttribute
GetTableRowAttribute
InStandaloneExecutable
InitCVIRTDll
MakePoint_8STRCTEAXEDX_
WhichRuntimeSupportDll
_PtrSetRetValLoc
__CanSkipDisablePatch3EK8PMIO
__CreatePtrInfoForWinMainCommandLine
__DBG_GetCurrentThreadEnv
__GetLocalThreadEnvSlot
__SetCurrentDebuggingLevel
strncpy
strnicmp
AddTreeImage
CVIAbsoluteTimeFromLocalCalendar
CVIAbsoluteTimeFromTimeUnit
CVIAbsoluteTimeToLocalCalendar
CVIAbsoluteTimeToTimeUnit
CVIRTDllAbnormalExit
CVI_GetFileSize
CVI_GetFileTime
CVI__ismbblead
CVI__mbsbtype
CVI__mbschr
CVI__mbsdec
CVI__mbsicmp
CVI__mbsinc
CVI__mbslen
CVI__mbsnbcmp
CVI__mbsnbcpy
CVI__mbsnbicmp
CVI__mbsrchr
CVI__mbsstr
CVI_inp
CVI_outp
CmtDiscardLock
CmtDiscardTSV
CmtDiscardThreadLocalVar
CmtGetCurrentThreadID
CmtGetLock
CmtGetTSVPtr
CmtGetThreadLocalVar
CmtNewLock
CmtNewTSV
CmtNewThreadLocalVar
CmtReleaseLock
CmtReleaseTSVPtr
CmtSetTSV
CreateMetaFont
CurrThreadId
DeleteListItem
DiscardCtrl
Fmt
Get3dBorderColors
GetActivePanel
GetActiveTreeItem
GetAnnotationAttribute
GetBitmapData
GetBitmapInfo
GetCtrlBoundingRect
GetCtrlIndex
GetCurrentPlatform
GetDateTimeElements
GetFileDate
GetFileInfo
GetFirstFile
GetImageBits
GetImageInfo
GetLabelFromIndex
GetLabelLengthFromIndex
GetMenuBarAttribute
GetMonitorAttribute
GetMonitorFromPoint
GetNextFile
GetNumListItems
GetPanelAttribute
GetRelativeMouseState
GetScaledCtrlDisplayBitmap
GetScaledPanelDisplayBitmap
GetSystemAttribute
GetTabPageAttribute
GetTableCellRingValueFromIndex
GetTableCellRingValueLengthFromIndex
GetTextDisplaySize
GetTimerTickData
GetTreeCellAttribute
GetTreeColumnAttribute
GetTreeItem
GetTreeItemAttribute
GetTreeItemNumChildren
GetTreeItemParent
GetTreeItemPath
GetTreeItemPathLength
GetUILErrorString
GetUserEvent
GetValueFromIndex
GetValueLengthFromIndex
GetWaitCursorState
InsertTreeColumn
InsertTreeItem
InstallCtrlCallback
InstallPanelCallback
InstallPopup
MakeColor
MakeDateTime
MakeRect
MenuIsOpen
NewBitmap
NewCtrl
NewCtrlMenuItem
NewCtrlMenuSeparator
NewPanel
PointPinnedToRect
PostDeferredCallToThread
PromptPopup
QueueUserEvent
RectBottom
RectContainsPoint
RectGrow
RectRight
RemovePopup
RenameFile
ReplaceListItem
SetActiveTreeItem
SetColumnWidthToWidestCellContents
SetEnableResourceTracking
SetImageBits
SetPanelPos
SetTreeCellAttribute
SetTreeColumnAttribute
SetTreeItemAttribute
SplitPath
Timer_FLTREG_
_GetErrno
_GetFilesArray
_UPLibBreakpoint
__CVI_Resource_Acquire
__CVI_Resource_Release
__DBG_SafeCall
__GetResDirPathString
abort
abs
calloc
ceil_FLTREG_
clock
fgets
floor_FLTREG_
fprintf
fseek
ftell
isspace
memchr
memcmp
memcpy
memmove
memset
mktime
pow_FLTREG_
printf
realloc
remove
setlocale
sscanf
strcat
strcpy
strftime
stricmp
strncmp
toupper
CmtGetLockAttribute
CmtGetTSQAttributeEx
CmtGetTSQReadPtr
CmtReleaseTSQReadPtr
FormatDateTimeString
GetBreakOnFirstChanceExceptions
GetBreakOnProtectionErrors
GetTCPPeerAddr
GetTCPPeerName
SetBreakOnFirstChanceExceptions
SetBreakOnProtectionErrors
ctime
strchr
_UP_CVI_CopyFile
_UP_CmtScheduleThreadPoolFunction
_UP_ConfirmPopup
_UP_DateStr
_UP_GetDir
_UP_GetObjHandleFromActiveXCtrl
_UP_GetPanelHandleFromTabPage
_UP_LoadPanel
_UP_MessagePopup
_UP_NewActiveXCtrl
_UP_NewActiveXCtrlFromFile
_UP_PrintTextFile
_UP_ResetTextBox
_UP_atoi
_UP_fclose
_UP_fflush
_UP_fopen
_UP_fputs
_UP_fread
_UP_fwrite
_UP_isalnum
_UP_isdigit
_UP_localtime
_UP_memcpy
_UP_memset
_UP_strcat
_UP_strcmp
_UP_strcpy
_UP_strlen
_UP_strncpy
_UP_strstr
_UP_strtok
_UP_time
CVI_CopyFile
ClearListCtrl
CmtScheduleThreadPoolFunction
ConfirmPopup
DateStr
Delay
DisableBreakOnLibraryErrors
DiscardPanel
DisplayPanel
EnableBreakOnLibraryErrors
GetBreakOnLibraryErrors
GetCtrlVal
GetDir
GetObjHandleFromActiveXCtrl
GetPanelHandleFromTabPage
GetTextBoxLine
InsertListItem
LoadPanel
MessagePopup
NewActiveXCtrl
NewActiveXCtrlFromFile
PrintTextFile
ProcessSystemEvents
QuitUserInterface
ReportUPError
ResetTextBox
ResetTimer
RunUserInterface
SetActiveCtrl
SetActivePanel
SetBreakOnLibraryErrors
SetCtrlAttribute
SetCtrlVal
SetInputMode
SetPanelAttribute
SetPrintAttributeEx
SetWaitCursor
_CopyPtrInfo
_GetParamInfo
_InitBlkInfo
_InitPtrInfo
_LocalsRuntimeCheck
_LocalsRuntimeInit
_LocalsRuntimeSet
_PassArgCoord
_PassParamInfo
_PtrAssignPtr
_PtrAssignStruct
_PtrBlkRValue
_PtrCast
_PtrCastStructBlk
_PtrCastToScalar
_PtrChkArith
_PtrChkAssign
_PtrChkDeref
_PtrChkSubtract
_PtrPostCall
_PtrPreCall
_PtrStructMemInfoPtr
_PtrStructMemSizePtr
_ReceiveBlkInfo
_ReceivePtrInfo
_RemoveVaArgInfo
_ResetCalledFunPtr
_ReturnPtrInfo
_UPLibBeginChkVaArgs
_UPLibBreakpointWithElab
_UPLibChkRefArg
_UPLibChkSize
_UPLibChkString
_UPLibChkVaArg
_UPLibChkVaArgs
_UPLibClearArgs
_UPLibFreeDynPtrInfo
_UPLibReportError
_UPReturnPointerSizeInfo
_UPSetOutputPointerSizeInfo
_VaArgPassArgInfo
atoi
fclose
fflush
fopen
fputs
fread
free
fwrite
isalnum
isdigit
localtime
malloc
sprintf
strcmp
strlen
time

kernel32

CloseHandle
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetEnvironmentVariableA
GetLastError
GetModuleFileNameA
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
ReleaseMutex
SetLastError
TlsGetValue
WaitForSingleObject
DebugBreak
GetComputerNameA
GetCurrentThreadId
GetDiskFreeSpaceA
GetFileAttributesW
GetModuleFileNameW
GetModuleHandleW
GetSystemDirectoryA
GetUserDefaultLCID
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalMemoryStatus
InterlockedExchange
IsDebuggerPresent
LoadLibraryW
OutputDebugStringA
Sleep
ExitProcess
OpenMutexA
GetCurrentProcess
LocalAlloc
LocalFree
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrlenA
GetModuleHandleA
GetProcAddress
LoadLibraryA

sicl32

ord13
ord1
ord3
ord11
ord7
ord33

gdi32

GetDeviceCaps
DeleteDC
DeleteObject
GetDIBits

user32

GetDC
wsprintfA
CallWindowProcA
CreatePopupMenu
DefWindowProcA
DestroyIcon
DestroyMenu
GetCursorPos
GetIconInfo
GetKeyboardType
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemInfoA
GetSysColor
GetWindowLongA
InsertMenuItemA
LoadImageA
PostMessageA
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoA
SetWindowLongA
SystemParametersInfoA
TrackPopupMenu

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 633KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.db_fram
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_info
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_abbv
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_line
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_pnam
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_ptyp
Size: 512B - Virtual size: 353B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.db_ref
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 580KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

_data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.db_rngs
Size: 512B - Virtual size: 168B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c6e40b9ffeb2bef61090ac9228156f2

Headers

DLL Characteristics

File Characteristics

Imports

cvirte

kernel32

sicl32

gdi32

user32

advapi32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 633KB - Virtual size: 633KB

.db_fram Size: 16KB - Virtual size: 15KB

.db_info Size: 143KB - Virtual size: 142KB

.db_abbv Size: 9KB - Virtual size: 8KB

.db_line Size: 81KB - Virtual size: 81KB

.db_pnam Size: 11KB - Virtual size: 10KB

.db_ptyp Size: 512B - Virtual size: 353B

.db_ref Size: 8KB - Virtual size: 7KB

.bss Size: - Virtual size: 580KB

.rdata Size: 102KB - Virtual size: 101KB

.idata Size: 11KB - Virtual size: 10KB

.debug Size: 175KB - Virtual size: 175KB

_data Size: 512B - Virtual size: 10B

_text Size: 512B - Virtual size: 444B

.db_rngs Size: 512B - Virtual size: 168B

.rsrc Size: 291KB - Virtual size: 291KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 633KB - Virtual size: 633KB

.db_fram
Size: 16KB - Virtual size: 15KB

.db_info
Size: 143KB - Virtual size: 142KB

.db_abbv
Size: 9KB - Virtual size: 8KB

.db_line
Size: 81KB - Virtual size: 81KB

.db_pnam
Size: 11KB - Virtual size: 10KB

.db_ptyp
Size: 512B - Virtual size: 353B

.db_ref
Size: 8KB - Virtual size: 7KB

.bss
Size: - Virtual size: 580KB

.rdata
Size: 102KB - Virtual size: 101KB

.idata
Size: 11KB - Virtual size: 10KB

.debug
Size: 175KB - Virtual size: 175KB

_data
Size: 512B - Virtual size: 10B

_text
Size: 512B - Virtual size: 444B

.db_rngs
Size: 512B - Virtual size: 168B

.rsrc
Size: 291KB - Virtual size: 291KB