af78468da9a128915554236a4c37cab0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

af78468da9a128915554236a4c37cab0_NeikiAnalytics
Size

480KB
MD5

af78468da9a128915554236a4c37cab0
SHA1

37d90bfb30b332b9ebea02ab3b1a43ea4b6b9aa1
SHA256

986605cdbfd6049726ea99b681c389de2abc9f4d6c023c7c8911d6fa34354066
SHA512

101cc42138677ca73991f6eaf01698fef6f3a856c9ebca5a18c8335f268ac8e49dab5bd1b5b4c31c3703f7d3828b9b1cc295fa139b3a6c25167cad170850a278
SSDEEP

6144:0W3VGOhXf+ZhsL00UkOIUmllF7qkx8NjKhvrM2Umy+0H8SwmYHTKampJ1p3p53Kq:0W3VGOhXf+ZhynUkOIUO7qkIerMCy9F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af78468da9a128915554236a4c37cab0_NeikiAnalytics

Files

af78468da9a128915554236a4c37cab0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

ec989f440f21adfe493d28bc82641f46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceA
lstrlenW
InterlockedIncrement
WideCharToMultiByte
DebugBreak
OutputDebugStringA
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
WriteFile
GetFileSize
ReadFile
GetModuleFileNameA
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
lstrcmpA
GetLocalTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesExA
SystemTimeToFileTime
DeleteFileA
GetVersionExA
GetPrivateProfileStringA
FreeResource
GlobalAlloc
GlobalLock
FlushFileBuffers
GlobalUnlock
SetStdHandle
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapSize
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
LocalFree
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
CreateMutexA
GetLastError
GetVolumeInformationA
GetDiskFreeSpaceA
SetFilePointer
SetEndOfFile
FindFirstFileA
lstrcmpiA
FindNextFileA
FindClose
GetLogicalDriveStringsA
GetDriveTypeA
CreateFileA
CloseHandle
GetFileAttributesA
SetFileAttributesA
CreateThread
MultiByteToWideChar
GetCurrentThreadId
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
lstrcpynA
lstrlenA
Sleep

user32

GetSysColor
EndPaint
DestroyCursor
GetFocus
SetFocus
BeginPaint
GetDesktopWindow
CreateAcceleratorTableA
InvalidateRgn
EnumChildWindows
MoveWindow
CopyImage
IsWindowEnabled
SetRectEmpty
PtInRect
IsChild
LoadImageA
GetIconInfo
ReleaseCapture
WindowFromPoint
GetCapture
GetActiveWindow
GetCursorPos
SendMessageA
PeekMessageA
SetCursor
SetWindowLongA
GetWindowLongA
FillRect
FrameRect
wsprintfA
LoadBitmapA
DestroyMenu
CharNextA
wvsprintfA
CharLowerA
CharUpperA
CreateDialogIndirectParamA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateDialogParamA
SetMenuDefaultItem
AppendMenuA
TrackPopupMenu
CreatePopupMenu
IsMenu
DrawStateA
GetClassNameA
DrawFocusRect
DrawTextA
EndDialog
DialogBoxParamA
GetWindow
SystemParametersInfoA
MapWindowPoints
IsDialogMessageA
GetDlgItem
ShowWindow
DestroyWindow
PostQuitMessage
GetSystemMetrics
EnableWindow
SetWindowTextA
MessageBoxA
DestroyIcon
GetMessageA
TranslateMessage
DispatchMessageA
LoadStringA
OffsetRect
InflateRect
CopyRect
CallWindowProcA
SetWindowPos
IsWindow
GetDlgCtrlID
GetParent
SetCapture
RedrawWindow
InvalidateRect
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
DefWindowProcA
ReleaseDC
GetDC

gdi32

CreateSolidBrush
CreatePen
SetStretchBltMode
Rectangle
DeleteObject
GetStockObject
GetObjectA
DeleteDC
SetTextColor
BitBlt
SetBkColor
StretchBlt
CreateBrushIndirect
CreateFontIndirectA
GetDeviceCaps
CreateCompatibleBitmap
LineTo
SelectObject
CreateCompatibleDC
ExtTextOutA
CreateBitmap
SetBkMode
MoveToEx

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
DragAcceptFiles
SHQueryRecycleBinA
SHFileOperationA
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA
ShellExecuteExA

ole32

CLSIDFromString
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateGuid
StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
OleLockRunning
OleUninitialize

oleaut32

SysAllocStringLen
SysStringLen
VariantClear
SysAllocString
LoadRegTypeLi
OleCreateFontIndirect
VariantCopy
SysFreeString
VariantChangeType
GetErrorInfo
CreateErrorInfo
VariantInit

comctl32

_TrackMouseEvent
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetIcon
InitCommonControlsEx

msimg32

GradientFill

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec989f440f21adfe493d28bc82641f46

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

version

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 224KB - Virtual size: 222KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 224KB - Virtual size: 222KB