5cdb87cf49343c90964842cf01d2b270_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

5cdb87cf49343c90964842cf01d2b270_NeikiAnalytics
Size

832KB
MD5

5cdb87cf49343c90964842cf01d2b270
SHA1

a2eddd23c5d7f68150c8071b4868286345212e18
SHA256

f9754fcc9c5ec2ca9aa3fe287413d02887abe5422ab525070024828134c5ff13
SHA512

0e59444a7aeda4177c565206e1d8ad57b03cf3348629406eacd77b2d7450a9df0319f5603d60acf096f969cc9c475ee0c12683a7d42086a51020b38e6dddd8f4
SSDEEP

12288:jlT10Wm7PHACDs+YizkkwpLZciYuJ/W3pADcOIdY0Ob01O/MwD:/f5/xixgk2IdwQ+FD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cdb87cf49343c90964842cf01d2b270_NeikiAnalytics

Files

5cdb87cf49343c90964842cf01d2b270_NeikiAnalytics
.dll regsvr32 windows:4 windows x86 arch:x86

0cafdf7393f5b29af74f6799ccb34370

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
SetFilePointer
FlushFileBuffers
GlobalFlags
lstrcatW
GetVersionExA
LoadLibraryA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
RtlUnwind
HeapFree
GetCommandLineA
HeapAlloc
VirtualProtect
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFree
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
GetTickCount
GetModuleHandleW
FreeLibrary
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
lstrcmpW
VirtualFree
GetSystemInfo
InterlockedDecrement
InterlockedIncrement
lstrcpynW
DisableThreadLibraryCalls
GetModuleFileNameA
GetLastError
lstrlenA
lstrlenW
GetProcAddress
GetModuleFileNameW
GetVersion
CloseHandle
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetVersionExW
GetLocaleInfoA
GetACP
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess

user32

GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowPos
SetWindowLongW
GetDlgItem
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextW
GetClassNameW
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
PostQuitMessage
DestroyMenu
GetSysColorBrush
SendMessageW
MessageBoxW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
UnregisterClassW
ModifyMenuW

gdi32

ScaleWindowExtEx
DeleteDC
GetStockObject
SetWindowExtEx
TextOutW
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
ExtTextOutW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegSetValueW
RegCreateKeyW
RegDeleteKeyW

comctl32

ord17

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
CoTaskMemFree
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cafdf7393f5b29af74f6799ccb34370

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 316KB - Virtual size: 316KB

_TEXT64 Size: 1KB - Virtual size: 1KB

.rdata Size: 317KB - Virtual size: 316KB

.data Size: 161KB - Virtual size: 183KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 33KB - Virtual size: 32KB

.text
Size: 316KB - Virtual size: 316KB

_TEXT64
Size: 1KB - Virtual size: 1KB

.rdata
Size: 317KB - Virtual size: 316KB

.data
Size: 161KB - Virtual size: 183KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 33KB - Virtual size: 32KB