be0ba3f6f0fca6a226d5cac7548d83d0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

be0ba3f6f0fca6a226d5cac7548d83d0_NeikiAnalytics
Size

432KB
MD5

be0ba3f6f0fca6a226d5cac7548d83d0
SHA1

e9070c840a15657a7e294f2b8d19bae4fc4abe71
SHA256

c2ca1a48ca3246fdb88d8332f4301c2dd81090abb3901c44a8856b1f76813214
SHA512

f315243a2e8f2476a412ebad094c2daf527fa31be768cce941f467e4d0689526a171d07b79ec002650b6813ef2338656529ada352b2009fdbe998fd991d3bcec
SSDEEP

12288:c7cdZAiCgSpgtuHwz/OE7DvEe9+dB5wxXBjbnEtk/PeC+xe:pJTZKe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be0ba3f6f0fca6a226d5cac7548d83d0_NeikiAnalytics

Files

be0ba3f6f0fca6a226d5cac7548d83d0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

c110ebafd324e26e442c491e67994d03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetFileAttributesW
GetFileAttributesA
DeleteFileW
DeleteFileA
WideCharToMultiByte
FindFirstFileW
FindFirstFileA
FindFirstFileExW
FindFirstFileExA
FindNextFileW
FindNextFileA
CopyFileW
MoveFileW
MoveFileExW
CopyFileA
MoveFileA
MoveFileExA
GetShortPathNameW
CreateFileW
SetFileAttributesW
GetFileAttributesExW
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
RemoveDirectoryW
FindFirstChangeNotificationW
FindFirstChangeNotificationA
CompareStringW
CompareStringA
SetFileAttributesA
GetFileAttributesExA
GetShortPathNameA
CreateFileA
CreateDirectoryA
GetDateFormatA
GetTimeFormatA
RemoveDirectoryA
FindClose
GetLongPathNameA
GetTempPathA
GetLongPathNameW
GetTempPathW
CloseHandle
LockResource
LoadResource
SizeofResource
FindResourceA
InitializeCriticalSection
TerminateThread
WaitForSingleObject
SetThreadPriority
GetFileSize
SetFilePointer
SetEndOfFile
FlushFileBuffers
UnmapViewOfFile
ReadFile
WriteFile
GetFileTime
SetFileTime
GetLocaleInfoA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
InterlockedIncrement
lstrcpynA
InterlockedDecrement
Sleep
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
ResumeThread
CreateThread
TlsSetValue
ExitThread
TerminateProcess
GetCurrentProcess
HeapReAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
RaiseException
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
TlsAlloc
SetLastError
TlsGetValue
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
IsBadCodePtr
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
GetVersion
GetModuleFileNameW
GetModuleFileNameA
GetCurrentThreadId
FormatMessageA
LocalFree
LoadLibraryA
GetProcAddress
MultiByteToWideChar
CompareFileTime
CreateMutexA
GetLastError
ReleaseMutex

user32

SetDlgItemTextW
DefWindowProcW
CreateDialogParamW
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
AppendMenuW
MessageBoxW
CallWindowProcA
RegisterClassA
UnregisterClassA
SetClassLongA
GetWindowTextA
DialogBoxParamA
SetDlgItemTextA
DefWindowProcA
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
AppendMenuA
CreateWindowExA
GetDesktopWindow
GetDC
GetWindowTextLengthA
GetWindowTextLengthW
LoadIconA
SetActiveWindow
MoveWindow
SendMessageW
EndPaint
BeginPaint
MessageBeep
GetActiveWindow
GetSysColor
GetClassInfoExA
DestroyWindow
SetWindowTextW
GetWindow
EnumThreadWindows
MessageBoxA
SetWindowTextA
GetParent
LoadCursorA
SetCursor
GetAsyncKeyState
GetSystemMetrics
SystemParametersInfoA
DialogBoxParamW
PostQuitMessage
GetWindowTextW
GetWindowLongA
IsIconic
ShowWindow
FlashWindowEx
IsWindowVisible
SetWindowPos
UpdateWindow
FindWindowExA
RegisterWindowMessageA
PostMessageA
MapWindowPoints
GetClientRect
GetWindowRect
SetTimer
EnableWindow
LoadImageA
SendMessageA
SetForegroundWindow
CheckDlgButton
GetDlgItem
SetClassLongW
GetClassInfoA
UnregisterClassW
RegisterClassW
CallWindowProcW
GetWindowLongW
SetWindowLongW
CreateWindowExW
ReleaseDC
GetClassNameA
SetWindowLongA
CreateDialogParamA
EndDialog
IsWindow

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameW
GetSaveFileNameW

comctl32

PropertySheetA
CreatePropertySheetPageA
CreatePropertySheetPageW
PropertySheetW
InitCommonControlsEx

gdi32

CreatePen
Rectangle
SelectObject
TextOutA
TextOutW
CreateFontIndirectA
CreateCompatibleDC
DeleteDC
GetStockObject
DeleteObject
CreateDIBSection
BitBlt

advapi32

RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExA
RegCloseKey
RegEnumValueA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW

shell32

SHGetSpecialFolderPathA
SHGetFileInfoA
SHFileOperationA
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteA
ShellExecuteExA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

oleaut32

SystemTimeToVariantTime
SysFreeString
VarBstrFromDate

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c110ebafd324e26e442c491e67994d03

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

gdi32

advapi32

shell32

oleaut32

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 24KB - Virtual size: 55KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 24KB - Virtual size: 55KB

.rsrc
Size: 132KB - Virtual size: 129KB