a75e46430697955392a22f8d206b87b0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

a75e46430697955392a22f8d206b87b0_NeikiAnalytics
Size

3.5MB
MD5

a75e46430697955392a22f8d206b87b0
SHA1

734335854a581e4420e4e1358cbd8a503c046766
SHA256

e0616d375b6112a01b74603250c42ea8b6e3374a05864982fad26e34a0c4f064
SHA512

8b6699051fc9ae5b578292ebeb9d1904d7cc04bfc5add49b7c4757a8750dc20d75f1c95519bd1f4d6c10721f09fd9c66cdc5fe46df83f39af388eb643d721f83
SSDEEP

98304:Xfglt7dqMrkaDBgRDiKPZjz0vnhZNJmi6tI5piOiqBy8BrkdRrOhlRfzhUbl12:GPmDiKRAci6tI5piOiqBy8BrkdRrOhlp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a75e46430697955392a22f8d206b87b0_NeikiAnalytics

Files

a75e46430697955392a22f8d206b87b0_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

d320b777127679e4043600a7f5a13191

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsTextUnicode
GetUserNameA

comdlg32

PrintDlgA

user32

PeekMessageA
IsWindowUnicode
PeekMessageW
DestroyWindow
GetDoubleClickTime
GetSysColor
SystemParametersInfoA
GetSystemMetrics
GetIconInfo
DrawIconEx
DestroyIcon
MessageBoxA
GetActiveWindow
SetTimer
GetWindow
GetCaretBlinkTime
ShowWindow
UpdateWindow
SetWindowLongA
GetWindowLongA
SetForegroundWindow
GetParent
GetForegroundWindow
SetFocus
GetFocus
SetCapture
GetCapture
ReleaseDC
GetCursorPos
DefWindowProcA
DestroyCursor
SetCursor
ReleaseCapture
InvalidateRect
PostQuitMessage
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
UnregisterHotKey
MsgWaitForMultipleObjects
GetWindowRect
SetWindowPos
AdjustWindowRectEx
ScrollWindow
GetClipboardFormatNameA
CreateIconIndirect
LoadImageA
LoadIconA
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
RegisterClipboardFormatA
CloseClipboard
SetClipboardData
OpenClipboard
FlashWindowEx
SendMessageA
SetWindowTextW
SetWindowTextA
IsIconic
IsZoomed
GetWindowPlacement
MessageBeep
BeginPaint
EndPaint
AdjustWindowRect
DefWindowProcW
GetKeyboardLayout
GetKeyState
PostMessageA
LoadCursorA
RegisterClassW
IsWindowVisible
CreateWindowExW
MoveWindow
GetDC
GetUpdateRgn
HideCaret
ValidateRect
ShowCaret
GetClientRect
ClientToScreen

gdi32

GetObjectA
DeleteObject
CreateDCA
GetEnhMetaFileHeader
PlayEnhMetaFile
DeleteEnhMetaFile
ExtTextOutW
GetClipRgn
ExtSelectClipRgn
GetROP2
GetCurrentObject
GetBkColor
GetTextColor
SetROP2
Polyline
PolyPolyline
MoveToEx
LineTo
RectVisible
Ellipse
Arc
Polygon
PolyPolygon
CreatePatternBrush
SetTextColor
SetBkColor
GetClipBox
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextMetricsA
CreateSolidBrush
GetStockObject
GetNearestColor
CreateFontA
EndDoc
StartDocA
CreateICA
EndPage
StartPage
SetBkMode
SetTextAlign
GetViewportOrgEx
LPtoDP
CreatePalette
SetMapMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
GetDeviceCaps
CreateDIBitmap
GetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
SetDIBitsToDevice
CreateBitmap
BitBlt
SelectObject
DeleteDC
StretchDIBits
SetEnhMetaFileBits
SetWinMetaFileBits
GdiFlush
SelectPalette
RealizePalette
CreateRectRgn
SelectClipRgn
GetFontData
GetCharWidthW
GetCharABCWidthsW
EnumFontFamiliesA
AbortDoc
GetCharABCWidthsA
CreatePen

kernel32

LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetProcessHeap
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleA
CreateProcessA
GetExitCodeProcess
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileAttributesA
SetHandleCount
InitializeCriticalSectionAndSpinCount
HeapCreate
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
GetModuleFileNameW
GetFileType
WriteConsoleW
HeapReAlloc
HeapAlloc
ExitProcess
GetModuleHandleW
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
GlobalMemoryStatus
GetCurrentProcess
SetUnhandledExceptionFilter
GetLocaleInfoW
SetEvent
CreateEventA
GetVersionExA
FreeLibrary
IsBadReadPtr
VirtualAlloc
VirtualFree
OutputDebugStringA
GetModuleFileNameA
GetSystemTime
GetLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ReadFile
SetFilePointer
SetEndOfFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetVolumeInformationA
GetDriveTypeA
FindFirstFileA
MoveFileA
CopyFileA
FindNextFileA
GetFullPathNameA
GetCurrentDirectoryA
FindClose
GetUserDefaultLCID
GetConsoleOutputCP
CreateFileA
GetFileSize
GetStdHandle
WriteFile
FormatMessageA
MultiByteToWideChar
CreateDirectoryA
CloseHandle
WaitForSingleObject
CreateProcessW
DeleteFileA
WideCharToMultiByte
Sleep
GetTickCount
CreateThread
GetModuleHandleA
GlobalSize
GlobalAlloc
GetLocaleInfoA
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetVersion
GlobalLock
GlobalUnlock
GlobalFree
EnterCriticalSection

shell32

ShellExecuteW
SHGetFolderPathW
SHGetFileInfoA

winmm

timeGetTime
PlaySoundA
timeBeginPeriod

ole32

DoDragDrop
CoTaskMemFree
ReleaseStgMedium
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoCreateGuid

ws2_32

htonl
getservbyname
htons
inet_addr
gethostbyname
shutdown
socket
getsockname
ntohl
connect
bind
listen
__WSAFDIsSet
closesocket
accept
send
ioctlsocket
WSAGetLastError
WSAStartup
recv
select
getaddrinfo
freeaddrinfo
setsockopt

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d320b777127679e4043600a7f5a13191

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

user32

gdi32

kernel32

shell32

winmm

ole32

ws2_32

mpr

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 944KB - Virtual size: 943KB

.data Size: 226KB - Virtual size: 2.3MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 944KB - Virtual size: 943KB

.data
Size: 226KB - Virtual size: 2.3MB

.rsrc
Size: 4KB - Virtual size: 3KB