b355d4a31cc2c68c413c3fef32041bb0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

b355d4a31cc2c68c413c3fef32041bb0_NeikiAnalytics
Size

428KB
MD5

b355d4a31cc2c68c413c3fef32041bb0
SHA1

c93cb89a3e2528af3ba4d7123906a3e7bd30be53
SHA256

9c5af4bb7e173065bf6877839b3c4fc8388c4c56bacf3caa1f67e4122f45d304
SHA512

6d4dac90ccaf2d29b283b969f4c02025e13793a07ee6e9fcd7c05f479cd222c7299c7d8fc0f7ea7d1d59f504057bc5b85dbe9143a997b98b4b5bb797dd4ac837
SSDEEP

12288:d4x6YGeN2gGctJoUcCBVC9k8WQW0SG26yDHs437yzy2Tf9Ea43CVQLvyNtyBJ8wF:d4xvGvgGKJoUcCBVC9k8WQW0SG26yDHB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b355d4a31cc2c68c413c3fef32041bb0_NeikiAnalytics

Files

b355d4a31cc2c68c413c3fef32041bb0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

8b6a73afa6d5ff3f4de5f1d7d8ff1ffe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

activeds

ord3

shlwapi

SHDeleteEmptyKeyA
SHDeleteKeyA

kernel32

FindNextFileA
FindFirstFileA
GetTickCount
CopyFileA
CreateThread
InterlockedIncrement
ReadFile
CreateFileA
GetFileTime
GetFileSize
SetFilePointer
WriteFile
DeleteFileA
SetFileAttributesA
GetModuleFileNameA
GetCurrentProcess
SetFileTime
GetFileAttributesA
GetExitCodeProcess
SetErrorMode
SetCurrentDirectoryA
GlobalFree
GlobalAlloc
GetNumberFormatA
GetShortPathNameA
GetTempPathA
GetSystemDirectoryA
MoveFileExA
FindClose
GetLocalTime
MoveFileA
GetVersionExA
RemoveDirectoryA
GetPrivateProfileIntA
CreateDirectoryA
GetDiskFreeSpaceA
SetLastError
GetComputerNameA
WideCharToMultiByte
lstrlenW
GetVolumeInformationA
GetBinaryTypeA
GetOEMCP
GetACP
CreateProcessA
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TerminateProcess
SetEndOfFile
SetStdHandle
RaiseException
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapReAlloc
HeapFree
HeapAlloc
GetFileType
RtlUnwind
HeapSize
WaitForSingleObject
CloseHandle
WinExec
GetPrivateProfileStringA
WritePrivateProfileStringA
CompareFileTime
LoadLibraryA
InterlockedDecrement
GetProcAddress
FreeLibrary
GetTempFileNameA
GetModuleHandleA
FormatMessageA
LocalAlloc
lstrcatA
lstrcpyA
LocalFree
GetLastError
SystemTimeToFileTime
LocalFileTimeToFileTime
MultiByteToWideChar
lstrlenA

user32

InvalidateRect
UpdateWindow
wsprintfA
MessageBoxA
SendMessageA
DispatchMessageA
GetMessageA
LoadStringA
DialogBoxParamA
EnableWindow
IsDlgButtonChecked
GetDesktopWindow
SendDlgItemMessageA
ShowWindow
GetDlgItem
SetDlgItemTextA
EndDialog
SetFocus
GetSysColorBrush
LoadBitmapA
FindWindowA
SendMessageTimeoutA
ExitWindowsEx
DestroyWindow
IsWindowVisible
DefWindowProcA
PostMessageA
BeginPaint
GetSysColor
FillRect
DrawTextA
EndPaint
PostQuitMessage
GetClientRect
LoadCursorA
RegisterClassExA
GetWindowRect
CreateWindowExA
GetDlgItemTextA
SetWindowTextA
LoadIconA
SetClassLongA
CheckDlgButton
GetWindowLongA
SetWindowLongA
SetWindowPos
FindWindowExA
SetForegroundWindow

ole32

CoInitialize
CLSIDFromProgID
CoCreateInstance
CoUninitialize
OleRun

oleaut32

SysStringLen
VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
VariantClear
VariantCopy
GetErrorInfo
VariantInit
SysAllocStringByteLen
SysFreeString

advapi32

GetUserNameA
RegEnumValueA
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorA

urlmon

URLDownloadToCacheFileA

gdi32

SetBkMode
CreateFontA
TextOutA
SelectObject
SetBkColor
DeleteObject
SetTextColor

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
ShellExecuteExA

wininet

InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
InternetErrorDlg
InternetSetOptionA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
DeleteUrlCacheEntry
InternetReadFile

msi

ord87
ord141
ord156

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b6a73afa6d5ff3f4de5f1d7d8ff1ffe

Headers

File Characteristics

Imports

activeds

shlwapi

kernel32

user32

ole32

oleaut32

advapi32

urlmon

gdi32

version

shell32

wininet

msi

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 32KB - Virtual size: 68KB

.rsrc Size: 204KB - Virtual size: 201KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 32KB - Virtual size: 68KB

.rsrc
Size: 204KB - Virtual size: 201KB