7da6f0d345c99644ec7f2bf3a7bac9c0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

7da6f0d345c99644ec7f2bf3a7bac9c0_NeikiAnalytics
Size

1.7MB
MD5

7da6f0d345c99644ec7f2bf3a7bac9c0
SHA1

846089e13498dbd7fefbe9fe1b50de3dc96c8452
SHA256

9021a06afaa9964483c1d84d26a4629ba638f0a8bc553715502f2e5c7873aee0
SHA512

37c510c563872d12e7801df66d9012db45b49368f619e7f8062411e801cce1224352dd3f638c2f9cfb8fe7c1ffdd81e58733881e860446fde9250728f2aef225
SSDEEP

24576:fkc+HanufKGNI4O+2Clty7Md4DmtgU0At5BLVv:fz+aufvJTLd4qtgU0AtrVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7da6f0d345c99644ec7f2bf3a7bac9c0_NeikiAnalytics

Files

7da6f0d345c99644ec7f2bf3a7bac9c0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

284b756ab6eb2da7e643d83ab66ec9aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\C_SOURCE\ADV\NATSUKAMI\Release\GAME_SYS.pdb

Imports

kernel32

HeapAlloc
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
GetTimeZoneInformation
IsBadCodePtr
SetStdHandle
IsBadReadPtr
SetEnvironmentVariableA
SetErrorMode
LocalFileTimeToFileTime
InterlockedExchange
FindResourceExA
GetOEMCP
GetCPInfo
GlobalFlags
SystemTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
InterlockedDecrement
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
ExitProcess
RtlUnwind
OutputDebugStringA
IsProcessorFeaturePresent
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
VirtualProtect
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcmpW
GetModuleHandleA
GetProcAddress
SetLastError
MulDiv
FormatMessageA
LocalFree
GetModuleFileNameA
GetTickCount
WaitForMultipleObjects
CreateEventA
ResetEvent
SetEvent
WritePrivateProfileStringA
GetPrivateProfileStringA
ReleaseSemaphore
CreateSemaphoreA
GetThreadPriority
CreateFileA
DeleteFileA
GetTempPathA
GetTempFileNameA
SetFilePointer
ReadFile
WriteFile
FindFirstFileA
FindClose
GetCurrentDirectoryA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
QueryPerformanceFrequency
GetDriveTypeA
GetFileAttributesA
GetStringTypeExA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
lstrcpynA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLocalTime
MultiByteToWideChar
Sleep
lstrcatA
GetFileSize
CreateMutexA
WaitForSingleObject
CloseHandle
lstrlenA
lstrcmpA
lstrcpyA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount

user32

DestroyIcon
GetMenuItemInfoA
InflateRect
GetSysColorBrush
DrawFocusRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
InvalidateRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
PostQuitMessage
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MapDialogRect
GetActiveWindow
GetAsyncKeyState
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
SendDlgItemMessageA
GetFocus
IsWindow
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetQueueStatus
PostThreadMessageA
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
IsWindowVisible
GetMenu
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
IsIconic
GetWindowPlacement
GetWindow
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
GetSysColor
EndPaint
BeginPaint
GetWindowDC
FillRect
GetMenuState
GetMenuItemID
GetClassInfoExA
GetMenuItemCount
GetSubMenu
SetCursorPos
ClientToScreen
ChangeDisplaySettingsA
wvsprintfA
GetParent
GetWindowRect
MessageBoxA
UnregisterClassA
CharUpperA
GetCursorPos
ScreenToClient
SetWindowLongA
SetWindowPos
SetForegroundWindow
SetFocus
GetClientRect
GetSystemMetrics
SystemParametersInfoA
AdjustWindowRectEx
LoadIconA
SetMenu
LoadCursorA
EnableWindow
UpdateWindow
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
SendMessageA
PostMessageA
PtInRect
UnionRect
OffsetRect
wsprintfA
CopyRect
IntersectRect
SetRect
RemovePropA

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetTextExtentPoint32A
EnumFontFamiliesExA
GetStockObject
CreateBitmap
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
GetObjectA
GdiFlush
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextMetricsA
CreateDIBSection
DeleteObject
GetDeviceCaps
PatBlt
BitBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
SelectObject
CreateCompatibleDC
DeleteDC

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegCloseKey

shell32

DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragFinish

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CoTaskMemFree
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

winmm

timeKillEvent
timeSetEvent
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioSeek
timeGetTime
midiOutClose
midiOutOpen
mciSendCommandA
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
mmioClose

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd

d3d9

Direct3DCreate9

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

284b756ab6eb2da7e643d83ab66ec9aa

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

winmm

imm32

d3d9

version

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 448KB - Virtual size: 446KB

.data Size: 156KB - Virtual size: 343KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 448KB - Virtual size: 446KB

.data
Size: 156KB - Virtual size: 343KB

.rsrc
Size: 56KB - Virtual size: 55KB