b8da11a2217aa5305939b13163249910_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

b8da11a2217aa5305939b13163249910_NeikiAnalytics
Size

1.1MB
MD5

b8da11a2217aa5305939b13163249910
SHA1

41b7c27b4043ca7bab33fe6568457d2417b2fb6d
SHA256

415bd2ff7483cf714821a27d95dbebd497670006929526668e997e420eb2e19b
SHA512

7f6665d9e62b232f4374d06edbf2fc5eff0c78c5e42a378406b7fcf02740fb838e307b5a5d3b0353fc43af387f78f9b1605087157334e050aaf1ccc288e35c5c
SSDEEP

24576:F5gSxlNaiDlb4XV5o+N0s39eIQ+NDbyjtdwlRtjDzutWPzZUWbNy0:H00+RDbotdM3PzutWPzZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8da11a2217aa5305939b13163249910_NeikiAnalytics

Files

b8da11a2217aa5305939b13163249910_NeikiAnalytics
.exe windows:5 windows x64 arch:x64

d6c51c8586bc209ad4218e3bdaeb20f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
SetFileAttributesW
InitializeSListHead
IsProcessorFeaturePresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcAddress
FreeLibrary
GetCurrentProcess
TerminateProcess
GetModuleHandleExW
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
HeapFree
GetLastError
SetLastError
HeapAlloc
GetCurrentThread
EnumSystemLocalesW
LoadLibraryExW
CompareStringW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
GetDateFormatW
GetLocaleInfoW
GetTempPathW
GetTimeFormatW
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
IsValidLocale
LCMapStringW
OutputDebugStringW
GetFileType
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsValidCodePage
GetCommandLineA
GetCommandLineW
FindFirstFileExW
FindNextFileW
FindClose
MultiByteToWideChar
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW
SetFilePointerEx
CloseHandle
WriteConsoleW
CreateFileW
RtlUnwindEx
InterlockedFlushSList
InterlockedPushEntrySList
EncodePointer
RaiseException
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
RtlPcToFileHeader
RtlUnwind
Sleep
LoadLibraryW
InitializeCriticalSection
DuplicateHandle
CreatePipe
CreateProcessW
WaitForSingleObject
GetEnvironmentVariableW
GetFileSize
SetFilePointer
SetEndOfFile
DeleteFileW
GetVersionExW
CreateDirectoryW
FindFirstFileW
CopyFileW
GetDriveTypeW
GetFileAttributesW
RemoveDirectoryW
MulDiv
GetFileSizeEx

user32

AdjustWindowRectEx
GetSystemMetrics
SetWindowLongPtrW
SendMessageW
GetDC
ReleaseDC
GetWindowLongPtrW
CallWindowProcW
MessageBoxW
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
SetWindowPos
DestroyWindow
SystemParametersInfoW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
GetClientRect
FillRect
DefWindowProcW
RedrawWindow
LoadCursorW
RegisterClassExW
CreateWindowExW
SetClassLongPtrW
InvalidateRect
GetWindowRect
SetParent
ScreenToClient
SetCapture
GetCapture
GetCursorPos
SetCursor
BeginPaint
MapWindowPoints
DrawFrameControl
EndPaint
IsWindow
GetParent
MoveWindow
ShowWindow
GetClassNameW
IntersectRect
ValidateRect
GetWindow
SetFocus
GetUpdateRect
GetSysColor
GetSysColorBrush
SetRect
DrawTextW
GetWindowLongW
GetAsyncKeyState
RemovePropW
GetKeyState
SetPropW
GetIconInfo
UpdateWindow
ReleaseCapture
DrawStateW
GetFocus
FrameRect
DrawFocusRect
GetPropW
SetScrollPos
InflateRect
GetWindowDC
GetScrollInfo
SetScrollInfo
SetTimer
GetMessagePos
KillTimer
GetScrollPos
GetScrollRange
SetActiveWindow
DestroyIcon
LoadIconW
IsZoomed
IsIconic
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
GetActiveWindow
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetMenu
ClientToScreen
RegisterClassW
UnregisterClassW
DefFrameProcW
EnumChildWindows
SetForegroundWindow
TrackPopupMenu
IsChild
SetMenu
DestroyMenu
RegisterWindowMessageW
CharLowerW
CharUpperW

gdi32

SelectObject
GetTextExtentPoint32W
DeleteObject
GetStockObject
CreateFontIndirectW
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
OffsetViewportOrgEx
SetViewportOrgEx
CreatePatternBrush
DeleteDC
SetTextColor
SetBkColor
GetObjectType
GetObjectW
CreateRectRgn
SelectClipRgn
BitBlt
ExcludeClipRect
CreateRectRgnIndirect
TextOutW
CreatePen
MoveToEx
LineTo
CreateSolidBrush
CreateDCW
GetClipRgn
ExtSelectClipRgn
CreateDIBSection
CreateBitmap
SetPixel
GetDIBits
SetStretchBltMode
SetBrushOrgEx
StretchBlt
GetDeviceCaps

ole32

CoInitialize
CoTaskMemFree
RevokeDragDrop
OleUninitialize
OleInitialize

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
Shell_NotifyIconW
SHGetFolderLocation

gdiplus

GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeleteMatrix
GdipDeletePen
GdipDeleteStringFormat
GdipFree

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

SystemFunction036

comctl32

InitCommonControlsEx
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize

Sections

.code
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 648KB - Virtual size: 647KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6c51c8586bc209ad4218e3bdaeb20f6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

shell32

gdiplus

comdlg32

advapi32

comctl32

Sections

.code Size: 199KB - Virtual size: 199KB

.text Size: 648KB - Virtual size: 647KB

.rdata Size: 114KB - Virtual size: 114KB

.pdata Size: 34KB - Virtual size: 33KB

.gehcont Size: 512B - Virtual size: 88B

.00cfg Size: 512B - Virtual size: 32B

.gxfg Size: 42KB - Virtual size: 41KB

_RDATA Size: 512B - Virtual size: 348B

.data Size: 89KB - Virtual size: 111KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 7KB - Virtual size: 6KB

.code
Size: 199KB - Virtual size: 199KB

.text
Size: 648KB - Virtual size: 647KB

.rdata
Size: 114KB - Virtual size: 114KB

.pdata
Size: 34KB - Virtual size: 33KB

.gehcont
Size: 512B - Virtual size: 88B

.00cfg
Size: 512B - Virtual size: 32B

.gxfg
Size: 42KB - Virtual size: 41KB

_RDATA
Size: 512B - Virtual size: 348B

.data
Size: 89KB - Virtual size: 111KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 7KB - Virtual size: 6KB