65a7db81f2d074d4bee3961b2cd000e0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

65a7db81f2d074d4bee3961b2cd000e0_NeikiAnalytics
Size

3.1MB
MD5

65a7db81f2d074d4bee3961b2cd000e0
SHA1

4817f10eb3f70a52f23cdcb5c45b162c53576c65
SHA256

13c3072449458dac2e4378cf22fd4cc176a1663946ce65424f5bbec4bfcba25b
SHA512

edafe019bf6c84aa3f0708aea0b28225cce30227bd47e97ab76cce59e7fa18d749e72401c02bf1f3a2bf62c17d5c18700f8933ae199b6f54d889e090cff43440
SSDEEP

49152:4/yYSgCKNG43CXiKqse3pKfiYrObSDM+GZmT3hdp8JA/h3XLBq3HOQOC:2yYSIoXib3pKfi7cM+GGAi/hXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65a7db81f2d074d4bee3961b2cd000e0_NeikiAnalytics

Files

65a7db81f2d074d4bee3961b2cd000e0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

8ebd4f0dcab15d7948120404fe0d6fe6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
_lopen
GetFileSizeEx
_lclose
RtlMoveMemory
lstrcpyn
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetModuleFileNameA
WriteFile
CreateFileA
WritePrivateProfileStringA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
Sleep
GetLocalTime
GetPrivateProfileStringA
GetUserDefaultLCID
GetEnvironmentVariableA
FindNextFileA
FindFirstFileA
ReadFile
GetFileSize
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
FlushFileBuffers
FileTimeToSystemTime
SetStdHandle
LCMapStringW
IsBadCodePtr
SetUnhandledExceptionFilter
SetFilePointer
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
RaiseException
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FileTimeToLocalFileTime
GetFileTime
CreateFileW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
GetVersion
GetCommandLineA
DeleteFileA
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetFileAttributesW
GetLogicalDriveStringsA
TerminateProcess
QueryDosDeviceW
WideCharToMultiByte
GetTempPathW
lstrlenW
Module32First
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateThread
CreateDirectoryW
MultiByteToWideChar
CloseHandle
LocalFree
LocalAlloc
OpenProcess
GetCurrentProcess

shlwapi

StrFormatByteSize64A
PathIsDirectoryW

user32

TranslateMessage
DispatchMessageA
PeekMessageA
ClientToScreen
GetMessageA
wsprintfA
MessageBoxA
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
GetClientRect
PrintWindow
GetWindowRect
IsWindowVisible
IsIconic
SetCursorPos
GetIconInfo
GetCursorInfo
EnumDisplaySettingsA
DrawIconEx
FillRect
LoadImageA
ReleaseDC
GetDC
keybd_event
PostMessageA
GetDesktopWindow
DrawIcon

ole32

CoUninitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoInitialize
OleRun

shell32

SHGetSpecialFolderPathW
ShellExecuteW

psapi

GetProcessImageFileNameW

crypt32

CryptBinaryToStringA
CryptStringToBinaryA

oleaut32

VariantInit
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromCy
VarR8FromBool
VariantChangeType
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VariantCopy
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime

gdi32

GetDIBits
SetPixelV
GetPixel
GetDeviceCaps
CreateSolidBrush
CreateCompatibleBitmap
GdiFlush
BitBlt
GetObjectA
CreateDIBSection
CreateCompatibleDC
SelectObject
SetDIBitsToDevice
DeleteDC
DeleteObject

advapi32

RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ebd4f0dcab15d7948120404fe0d6fe6

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

ole32

shell32

psapi

crypt32

oleaut32

gdi32

advapi32

Sections

.text Size: 220KB - Virtual size: 218KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 2.9MB - Virtual size: 2.9MB

.rsrc Size: 4KB - Virtual size: 596B

.text
Size: 220KB - Virtual size: 218KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 2.9MB - Virtual size: 2.9MB

.rsrc
Size: 4KB - Virtual size: 596B