768556a39bfd962074572c470c3684d0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

768556a39bfd962074572c470c3684d0_NeikiAnalytics
Size

228KB
MD5

768556a39bfd962074572c470c3684d0
SHA1

717afe75608b0f2985a019f462fea63018265b91
SHA256

e06675f86a7ce5228b65a32c53f31e4f73ec24a1d922e99d66e85791d6635563
SHA512

d69adab203f3e5011842e56b7eedaf5d4cb38f06df83c74a9d989b15737f2af97a693c1e35328a33d5fe51a94dbfedeb72dc29c372d258604d3d76d27dfb4d12
SSDEEP

3072:gAFeWNTTf7YDsqBO9lKIV1BDWJEQjQGy8eak8qhpYQEdi2W+4aHCzhdX/Fc8Wdfi:9FN/sDtIVajcrzJDYZeTFlqfm3L/xFr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
768556a39bfd962074572c470c3684d0_NeikiAnalytics

Files

768556a39bfd962074572c470c3684d0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

1c8c4ae52a40227bfcc4a779549fddcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

cygcairo-2

cairo_create
cairo_destroy
cairo_image_surface_create_for_data
cairo_rotate
cairo_scale
cairo_status
cairo_surface_destroy
cairo_surface_status
cairo_translate

cygwin1

__ctype_ptr__
__errno
__getreent
__main
_dll_crt0@0
_fopen64
_impure_ptr
_stat64
access
acos
atan
atoi
calloc
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
exit
fclose
fflush
fprintf
fputc
fputs
fread
free
fwrite
getenv
longjmp
malloc
memcpy
memmove
memset
mkstemp
nl_langinfo
printf
putenv
qsort
read
realloc
rewind
select
setjmp
shmat
shmctl
shmdt
shmget
sigaction
sigaddset
sigemptyset
sprintf
sqrt
sscanf
strcasecmp
strcat
strchr
strcmp
strcpy
strdup
strlen
strncasecmp
strncat
strncpy
strrchr
strtoul
sysconf
time
tolower
toupper
uname
unsetenv
usleep
waitpid
write

cygfontconfig-1

FcPatternAddMatrix
FcPatternDel
FcPatternDestroy
FcPatternDuplicate
FcPatternGetMatrix
FcPatternPrint

cygfribidi-0

fribidi_charset_to_unicode
fribidi_get_bidi_type
fribidi_log2vis
fribidi_parse_charset
fribidi_unicode_to_charset

cyggobject-2.0-0

g_object_unref
g_type_check_instance_cast

cygiconv-2

libiconv
libiconv_close
libiconv_open

cygintl-8

locale_charset

cygpng15-15

png_create_info_struct
png_create_read_struct
png_destroy_read_struct
png_get_IHDR
png_get_bit_depth
png_get_color_type
png_get_valid
png_init_io
png_read_end
png_read_image
png_read_info
png_set_bgr
png_set_expand
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_gray_to_rgb
png_set_packing
png_set_strip_16
png_sig_cmp

cygrsvg-2-2

rsvg_handle_get_dimensions
rsvg_handle_new_from_file
rsvg_handle_render_cairo
rsvg_init

cygx11-6

XAllocColor
XAllocColorCells
XAllowEvents
XBell
XChangeGC
XChangeWindowAttributes
XCheckIfEvent
XCheckMaskEvent
XCheckTypedEvent
XCheckTypedWindowEvent
XCheckWindowEvent
XClearArea
XClearWindow
XCloseOM
XConnectionNumber
XCopyArea
XCopyGC
XCopyPlane
XCreateFontSet
XCreateGC
XCreateImage
XCreatePixmap
XCreatePixmapCursor
XCreatePixmapFromBitmapData
XCreateRegion
XCreateWindow
XDestroyRegion
XDestroyWindow
XDisplayName
XDrawImageString
XDrawImageString16
XDrawLine
XDrawPoint
XDrawSegments
XDrawString
XDrawString16
XEventsQueued
XExtentsOfFontSet
XFillPolygon
XFillRectangle
XFontsOfFontSet
XFree
XFreeColors
XFreeFont
XFreeFontSet
XFreeGC
XFreePixmap
XFreeStringList
XGetAtomName
XGetErrorText
XGetFontProperty
XGetGCValues
XGetGeometry
XGetImage
XGetMotionEvents
XGetOMValues
XGetSubImage
XGetVisualInfo
XGetWindowAttributes
XGrabButton
XGrabKeyboard
XGrabPointer
XGrabServer
XIfEvent
XInternAtom
XListDepths
XLoadQueryFont
XLookupString
XLowerWindow
XMapRaised
XMaskEvent
XMoveResizeWindow
XMoveWindow
XNextEvent
XOpenDisplay
XOpenOM
XParseColor
XParseGeometry
XPeekEvent
XPeekIfEvent
XPending
XPutBackEvent
XPutImage
XQLength
XQueryBestTile
XQueryColor
XQueryColors
XQueryExtension
XQueryPointer
XQueryTree
XRaiseWindow
XReadBitmapFile
XReparentWindow
XResizeWindow
XRestackWindows
XSendEvent
XSetBackground
XSetClipMask
XSetClipRectangles
XSetDashes
XSetErrorHandler
XSetFillStyle
XSetFont
XSetForeground
XSetIconName
XSetLocaleModifiers
XSetRegion
XSetStipple
XSetTSOrigin
XSetTransientForHint
XSetWMIconName
XSetWMNormalHints
XSetWMProperties
XSetWMProtocols
XSetWindowBackground
XSetWindowBackgroundPixmap
XSetWindowBorder
XStoreColors
XStoreName
XStringListToTextProperty
XSupportsLocale
XSync
XTextWidth
XTextWidth16
XTranslateCoordinates
XUngrabKeyboard
XUngrabPointer
XUngrabServer
XUnionRectWithRegion
XUnmapWindow
XWarpPointer
XWindowEvent
XmbDrawString
XmbTextEscapement
XmbTextListToTextProperty
XmbTextPropertyToTextList
_Xsetlocale

cygxcursor-1

XcursorFilenameLoadImages
XcursorGetDefaultSize
XcursorImageCreate
XcursorImageDestroy
XcursorImageLoadCursor
XcursorImagesDestroy
XcursorImagesLoadCursor

cygxext-6

XShapeCombineMask
XShapeCombineRectangles
XShapeQueryExtension
XShmAttach
XShmCreateImage
XShmDetach
XShmGetImage
XShmPutImage

cygxft-2

XftDrawCreate
XftDrawDestroy
XftDrawSetClip
XftDrawString16
XftDrawString32
XftDrawString8
XftDrawStringUtf8
XftFontClose
XftFontMatch
XftFontOpenPattern
XftNameParse
XftTextExtents16
XftTextExtents32
XftTextExtents8
XftTextExtentsUtf8

cygxinerama-1

XineramaIsActive
XineramaQueryExtension
XineramaQueryScreens

cygxpm-4

XpmCreatePixmapFromData
XpmFreeXpmImage
XpmFreeXpmInfo
XpmReadFileToXpmImage

cygxrender-1

XRenderComposite
XRenderCreatePicture
XRenderFillRectangle
XRenderFindFormat
XRenderFindVisualFormat
XRenderFreePicture

kernel32

GetModuleHandleA
GetProcAddress

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c8c4ae52a40227bfcc4a779549fddcc

Headers

DLL Characteristics

File Characteristics

Imports

cygcairo-2

cygwin1

cygfontconfig-1

cygfribidi-0

cyggobject-2.0-0

cygiconv-2

cygintl-8

cygpng15-15

cygrsvg-2-2

cygx11-6

cygxcursor-1

cygxext-6

cygxft-2

cygxinerama-1

cygxpm-4

cygxrender-1

kernel32

Sections

.text Size: 170KB - Virtual size: 170KB

.data Size: 45KB - Virtual size: 45KB

/4 Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 8KB

.idata Size: 10KB - Virtual size: 9KB

/14 Size: 512B - Virtual size: 24B

.text
Size: 170KB - Virtual size: 170KB

.data
Size: 45KB - Virtual size: 45KB

/4
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 8KB

.idata
Size: 10KB - Virtual size: 9KB

/14
Size: 512B - Virtual size: 24B