7934a5886b99e004f0d5ad46c40031d0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

7934a5886b99e004f0d5ad46c40031d0_NeikiAnalytics
Size

7.1MB
MD5

7934a5886b99e004f0d5ad46c40031d0
SHA1

9e783b57e8a5f189d6f4d6b8f189246bee7e61a0
SHA256

9a1f8604222da354e6a893938d358c277f7d5cdcc49ba87ad8bb406a2d04fedc
SHA512

d33c10a74184d984bff0c42e164edd2336265a7c34600d7eafda923ea17d2e9bc6bdc0ea2c42846866b27b1d47b59fe918ff4e6bee8d994c98c279397055fb52
SSDEEP

98304:DwViLzM4Cv/FA9zZ/jtGrc7vJJ5aT5LbSc/V2:DwiCvOjZ7BJ56BT/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7934a5886b99e004f0d5ad46c40031d0_NeikiAnalytics

Files

7934a5886b99e004f0d5ad46c40031d0_NeikiAnalytics
.dll regsvr32 windows:5 windows x86 arch:x86

d470a48444cec59de5f0491c5e0811a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetFullPathNameA
lstrcpynA
GetWindowsDirectoryA
GetEnvironmentVariableA
FindFirstFileA
FindClose
FindNextFileA
SetEndOfFile
QueryPerformanceFrequency
DuplicateHandle
CompareStringW
GetSystemTime
CreateThread
GetCurrentThreadId
ReadFile
TerminateThread
WideCharToMultiByte
GetFileSize
LockResource
LoadLibraryA
GetThreadLocale
SetThreadLocale
FlushInstructionCache
GlobalUnlock
lstrlenW
SizeofResource
Sleep
InitializeCriticalSectionAndSpinCount
GlobalAlloc
GlobalLock
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadResource
FindResourceW
FindResourceExW
GetVersion
OutputDebugStringA
GetModuleHandleA
SetLastError
GetLastError
GetFileAttributesW
LoadLibraryW
GetWindowsDirectoryW
CloseHandle
DeleteCriticalSection
EnterCriticalSection
GetProcAddress
WriteConsoleW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
SetHandleCount
LCMapStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
ExitProcess
GetStringTypeW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
RtlUnwind
GetCommandLineA
DecodePointer
EncodePointer
VirtualQuery
GetSystemInfo
VirtualProtect
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DosDateTimeToFileTime
LocalFileTimeToFileTime
CreateEventW
SetEvent
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
OpenProcess
GetProcessTimes
AllocConsole
RaiseException
CreateFileW
GetModuleFileNameW
LeaveCriticalSection
GetModuleHandleW
CreateProcessW
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
GetPrivateProfileStringW
FormatMessageA
LocalFree
GetSystemDirectoryW
lstrcpyW
TryEnterCriticalSection
WritePrivateProfileStringW
GetPrivateProfileIntW
GetFileInformationByHandle
GetShortPathNameW
GetFullPathNameW
GetLongPathNameW
WaitForSingleObject
GlobalFree
GetProfileStringW
GetUserDefaultUILanguage
MultiByteToWideChar
GetLocaleInfoW
MulDiv
InitializeCriticalSection
GetDriveTypeW
GetTempFileNameW
GetTempPathW
GetFileAttributesExW
GetFileSizeEx
WriteFile
DeleteFileW
GetFileTime
SetFileTime
CreateDirectoryW
SetEnvironmentVariableA

user32

IntersectRect
UnionRect
InvalidateRect
GetWindowLongW
SetWindowLongW
SetWindowPos
ShowWindow
IsWindow
CreateWindowExW
GetAsyncKeyState
MessageBoxW
CallWindowProcW
DefWindowProcW
CharNextW
RegisterWindowMessageW
LoadCursorW
WaitForInputIdle
FindWindowW
GetClassInfoExW
wsprintfW
RegisterClassExW
GetSystemMetrics
SendMessageW
EqualRect
OffsetRect
PtInRect
BeginPaint
SetFocus
GetClientRect
GetParent
GetFocus
GetKeyState
IsChild
SetWindowRgn
DestroyWindow
EndPaint
UnhookWindowsHookEx
UpdateWindow
GetWindowRect
SetCursor
FillRect
DrawTextW
GetSysColor
DrawFrameControl
MapWindowPoints
ReleaseDC
GetDC
SystemParametersInfoW
MoveWindow
GetForegroundWindow
ShowScrollBar
SetRect
SetScrollInfo
GetScrollInfo
IsZoomed
GetDlgItem
GetCursor
SetCapture
ReleaseCapture
GetCapture
TrackMouseEvent
GetScrollPos
SetParent
LoadBitmapW
IsIconic
SetWindowPlacement
GetMonitorInfoW
MonitorFromWindow
GetWindowPlacement
CharLowerW
IsCharUpperW
EndDialog
SetDlgItemTextW
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
EnableWindow
DialogBoxIndirectParamW
DialogBoxParamW
CloseClipboard
EmptyClipboard
OpenClipboard
MessageBeep
GetWindowTextLengthW
ShowCaret
HideCaret
SetClassLongW
CopyImage
ScreenToClient
GetCursorPos
SetClipboardData
SetMenuItemInfoW
GetWindowDC
MonitorFromRect
EnumDisplayMonitors
GetDesktopWindow
IsCharAlphaNumericW
RedrawWindow
GetMessagePos
EnableMenuItem
RemoveMenu
AppendMenuW
DestroyMenu
TrackPopupMenu
CreatePopupMenu
UnregisterClassA
SetWindowsHookExW
SetTimer
PostMessageW
KillTimer
CallNextHookEx
GetActiveWindow

gdi32

SetViewportOrgEx
LPtoDP
SetWindowExtEx
DeleteDC
GetDeviceCaps
CreateRectRgnIndirect
SetMapMode
CreateMetaFileW
DeleteMetaFile
SetWindowOrgEx
SetTextAlign
TextOutW
CloseMetaFile
RestoreDC
EndDoc
EndPage
StartPage
StartDocW
CreateDCW
SaveDC
AbortDoc
GetDIBits
SetDIBits
SetGraphicsMode
SetWorldTransform
GetTextExtentPoint32W
BitBlt
CreateDIBitmap
GetObjectW
CreateCompatibleBitmap
PlgBlt
GetBitmapBits
SetBitmapBits
CreateCompatibleDC
StretchBlt
MoveToEx
LineTo
CreatePen
Rectangle
CreateFontW
CreateFontIndirectW
SelectObject
SetBkMode
SetTextColor
SetBkColor
GetStockObject
DeleteObject
CreateSolidBrush

pdflib

ord15
ord53
ord44
ord31
ord56
ord51
ord49
ord58
ord32
ord23
ord61
ord27
ord26
ord64
ord50
ord43
ord30
ord52
ord68

advapi32

InitializeSecurityDescriptor
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetKeySecurity
SetSecurityDescriptorDacl
RegCloseKey

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CreateDataAdviseHolder
CoTaskMemAlloc
OleRegGetMiscStatus
CoTaskMemFree
OleRegEnumVerbs
OleUninitialize
OleRegGetUserType
OleInitialize
CreateOleAdviseHolder
CoCreateInstance

shell32

SHBindToParent
ShellExecuteExW
SHGetDesktopFolder
DragAcceptFiles

oleaut32

SafeArrayGetUBound
SafeArrayUnaccessData
SysStringLen
UnRegisterTypeLi
RegisterTypeLi
SysFreeString
SysAllocString
VariantTimeToSystemTime
LoadTypeLi
VariantInit
SysAllocStringLen
VariantChangeType
OleCreatePropertyFrame
SystemTimeToVariantTime
VariantClear
SysStringByteLen
LoadRegTypeLi
OleTranslateColor
SafeArrayGetLBound
SafeArrayAccessData

shlwapi

StrStrW
StrStrIW
StrRStrIW
SHDeleteKeyW
SHSetValueW
PathAppendW
PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW

gdiplus

GdiplusStartup
GdiplusShutdown
GdipDeleteBrush
GdipFree
GdipSetClipRegion
GdipGetFontCollectionFamilyList
GdipDeletePen
GdipCloneBrush
GdipCloneBitmapAreaI
GdipCreatePath2
GdipSetImageAttributesColorMatrix
GdipGetImageHeight
GdipDrawImageRectRectI
GdipGetEmHeight
GdipAddPathPath
GdipFillPolygon
GdipPrivateAddFontFile
GdipGetFamilyName
GdipDrawImagePointsRect
GdipSetTextRenderingHint
GdipSetPageScale
GdipCreateMatrix
GdipDrawPath
GdipGetClip
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetDpiY
GdipSetPenDashArray
GdipSetClipRectI
GdipGetImageGraphicsContext
GdipSetImageAttributesWrapMode
GdipGetFontCollectionFamilyCount
GdipGetMatrixElements
GdipTransformRegion
GdipSetWorldTransform
GdipCreateRegionRectI
GdipGetRegionBounds
GdipSetPenLineCap197819
GdipSetSmoothingMode
GdipWidenPath
GdipCreatePen2
GdipDeleteFontFamily
GdipSetPenMiterLimit
GdipIsStyleAvailable
GdipBitmapUnlockBits
GdipCreateSolidFill
GdipDisposeImageAttributes
GdipSaveGraphics
GdipAlloc
GdipCreateMatrix2
GdipDisposeImage
GdipCreateFont
GdipCreateRegionPath
GdipSetPageUnit
GdipDeletePath
GdipTransformPath
GdipDeleteRegion
GdipClonePath
GdipGetGenericFontFamilySansSerif
GdipCreateImageAttributes
GdipSetImagePalette
GdipDrawString
GdipNewPrivateFontCollection
GdipGetWorldTransform
GdipSetCompositingMode
GdipTranslateWorldTransform
GdipFillRectangle
GdipDeletePrivateFontCollection
GdipCreateRegion
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipSetPenTransform
GdipFillPath
GdipDeleteMatrix
GdipGetCellAscent
GdipSetInterpolationMode
GdipStringFormatGetGenericTypographic
GdipBitmapLockBits
GdipRestoreGraphics
GdipCloneImage
GdipCloneFontFamily
GdipCreatePath
GdipGetImageWidth
GdipSetPixelOffsetMode
GdipSetPenLineJoin
GdipSetPenDashOffset
GdipGetClipBounds

msimg32

AlphaBlend

ws2_32

gethostname
WSAStartup

comctl32

ImageList_AddMasked
ImageList_Create
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_Destroy

wininet

InternetCloseHandle
FtpGetFileSize
HttpOpenRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
HttpSendRequestW
InternetConnectW
InternetReadFile
FtpOpenFileW
InternetOpenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
ord203
GetPrinterW

comdlg32

CommDlgExtendedError
PrintDlgExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d470a48444cec59de5f0491c5e0811a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

pdflib

advapi32

ole32

shell32

oleaut32

shlwapi

gdiplus

msimg32

ws2_32

comctl32

wininet

version

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 5.6MB - Virtual size: 5.6MB

.data Size: 104KB - Virtual size: 140KB

.rsrc Size: 41KB - Virtual size: 44KB

.reloc Size: 54KB - Virtual size: 73KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 5.6MB - Virtual size: 5.6MB

.data
Size: 104KB - Virtual size: 140KB

.rsrc
Size: 41KB - Virtual size: 44KB

.reloc
Size: 54KB - Virtual size: 73KB