501dc0ce8e755cf56b9dcc0e66bd1b50_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

501dc0ce8e755cf56b9dcc0e66bd1b50_NeikiAnalytics
Size

300KB
MD5

501dc0ce8e755cf56b9dcc0e66bd1b50
SHA1

b852aa8e2bacda0dc700a7262c1f6ea258deafa4
SHA256

68c130b9d0406132ecc00c0d1f69079958bee01afd1eb688213c820594ff8667
SHA512

c8f1a092fc4d5464974217fa0c91ce54bb659a4d04a2a4584f6a6dfbe7074b88744fe5457fccc5b2839c422fadfaf4630407bbbdf687abab8a0ab739c5a43a6c
SSDEEP

3072:PHy9ssNnFlRWsjlMWujplvCAnl/KOADdHA+8yLUkB//lD7sw+wudm7fcqpoXOL8H:P0NnBfpMWujb/UNi6BFD7/JB74

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
501dc0ce8e755cf56b9dcc0e66bd1b50_NeikiAnalytics

Files

501dc0ce8e755cf56b9dcc0e66bd1b50_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

62c9230dbc23c6836fed80d3eb693bf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
RaiseException
ExitProcess
TerminateProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FileTimeToLocalFileTime
GetProcAddress
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
SetErrorMode
LCMapStringA
LCMapStringW
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
_lopen
GetVersion
_lwrite
lstrcpynA
GlobalUnlock
GetPrivateProfileStringA
lstrlenA
GetPrivateProfileIntA
GetWindowsDirectoryA
lstrcatA
_llseek
_lread
GlobalAlloc
lstrcpyA
OpenFile
_hwrite
_lclose
WritePrivateProfileStringA
GlobalLock
GlobalFree
GetTickCount
FreeLibrary
LoadLibraryA
GetProfileStringA
FileTimeToSystemTime
GetFileTime
GetFileSize
SizeofResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalSize
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
GetCurrentProcess
DuplicateHandle
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GetProcessVersion
GlobalFlags
lstrcmpiA
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetLastError
SetLastError
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
InterlockedDecrement
GetProfileIntA
IsBadReadPtr
IsBadWritePtr
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
CreateFileA
SetFilePointer
ReadFile
CloseHandle
GetStringTypeW
IsBadCodePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

IsIconic
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
LoadStringA
PostThreadMessageA
IntersectRect
EnableMenuItem
GetNextDlgTabItem
PtInRect
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
IsWindowEnabled
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetWindowTextA
CharUpperA
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
SetPropA
CallNextHookEx
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindow
GetWindowLongA
SetWindowLongA
RegisterWindowMessageA
GetClientRect
GetAsyncKeyState
WindowFromPoint
ClientToScreen
ReleaseCapture
PostMessageA
GetCursorPos
FindWindowA
FindWindowExA
GetClassNameA
SetWindowPos
SetCapture
LoadIconA
CreateDialogParamA
SetFocus
DestroyWindow
KillTimer
EndDialog
BeginPaint
FillRect
TabbedTextOutA
GetWindowDC
DestroyMenu
SetWindowTextA
SetDlgItemTextA
EndPaint
GetWindowRect
GetSystemMetrics
MoveWindow
GetDlgItem
ScreenToClient
InflateRect
SetCursorPos
SetTimer
InvalidateRect
UpdateWindow
GrayStringA
DrawTextA
GetWindowTextLengthA
GetDC
PeekMessageA
TranslateMessage
DispatchMessageA
EnableWindow
SendMessageA
wsprintfA
LoadCursorA
SetCursor
MessageBoxA
GetFocus
ReleaseDC
GetSysColorBrush
GetDesktopWindow
RegisterClipboardFormatA
GetMessageA
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetRect
IsRectEmpty
ShowWindow
IsDialogMessageA
GetActiveWindow
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
GetDlgCtrlID
GetKeyState
IsChild
CheckMenuItem
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
OffsetRect
CharNextA
IsWindowUnicode

gdi32

SetBkMode
SetTextColor
ExtTextOutA
GetTextExtentPointA
GetStockObject
DeleteObject
DeleteDC
CreateDIBitmap
CreateDCA
SetBkColor
GetObjectA
CreateBitmap
GetDeviceCaps
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateSolidBrush
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
PtVisible
RectVisible
TextOutA
Escape
CopyMetaFileA
PatBlt
CreateCompatibleDC
BitBlt
SelectObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ImageList_Destroy
ord17

oledlg

ord8

ole32

CoTaskMemAlloc
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleInitialize
ReleaseStgMedium
CoTaskMemFree
CoRevokeClassObject
OleIsCurrentClipboard
DoDragDrop
OleFlushClipboard

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

62c9230dbc23c6836fed80d3eb693bf4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 13KB - Virtual size: 31KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 86KB - Virtual size: 86KB

.reloc Size: 25KB - Virtual size: 29KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 13KB - Virtual size: 31KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 86KB - Virtual size: 86KB

.reloc
Size: 25KB - Virtual size: 29KB