2e795acc45ad5118cf18fa6fbdb90f60_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

2e795acc45ad5118cf18fa6fbdb90f60_NeikiAnalytics
Size

100KB
MD5

2e795acc45ad5118cf18fa6fbdb90f60
SHA1

17d85e74bbfd350d90f63d73773a0ead096142bc
SHA256

73535b3e386f604727b62b63a0c039e56d773e7b40d390e53a61ec72166843bf
SHA512

e4133d50cfbf35123893051262b7457522b1ac63bde0e50de0c69b5b0b72f08b4687bf3cf70fbed1a00bc332f7a2895507733fe64802484d08a3b340724b489c
SSDEEP

1536:F+gQcGlo/4T8dF8yT6iQpMLE/JjLJMholxhNLaox8K2qZpckQ9Cq:F17Glqt++6ieMwPJMcxmox8xspckQk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e795acc45ad5118cf18fa6fbdb90f60_NeikiAnalytics

Files

2e795acc45ad5118cf18fa6fbdb90f60_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

06f8ec850a7588d02c3665b24de210a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
GetCPInfo
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
HeapFree
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
HeapDestroy
HeapCreate
RtlUnwind
HeapAlloc
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
FindFirstFileA
WriteFile
GetCurrentProcess
GetProcessVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
WritePrivateProfileStringA
GlobalFlags
GetProcAddress
GetModuleFileNameA
IsBadWritePtr
SetLastError
FreeLibrary
GetLastError
lstrcpyA
GetVersion
lstrcpynA
TlsGetValue
lstrcatA
SetErrorMode
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
GlobalFree
GlobalHandle
GlobalUnlock
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
LocalFree
LocalAlloc
CloseHandle
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SetHandleCount
lstrcmpA
GetStdHandle
VirtualFree
VirtualAlloc
LoadLibraryA

user32

SetForegroundWindow
GetForegroundWindow
GetMessagePos
SystemParametersInfoA
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetWindowPlacement
IsIconic
GetSystemMetrics
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
LoadStringA
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
PostMessageA
PostQuitMessage
UnhookWindowsHookEx
RegisterWindowMessageA
IsWindow
SendMessageA
GetMenuCheckMarkDimensions
UnregisterClassA
PtInRect

gdi32

CreateSolidBrush
SaveDC
DeleteDC
SelectObject
GetStockObject
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
CreateBitmap
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
DeleteObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

ord17

Exports

Exports

ClxCloseAll
ClxCommInit
ClxConnect
ClxDisconnect
ClxEnumCommProtocol
ClxGetCaps
ClxGetCurSetting
ClxGetLastError
ClxIsConnect
ClxSendData
ClxSendFile
ClxSetCommOptions
ClxStartSSL
SessionCloseCallback

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06f8ec850a7588d02c3665b24de210a8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 9KB