432821ba793e5f81fe8b200e7947d860_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

432821ba793e5f81fe8b200e7947d860_NeikiAnalytics
Size

4.8MB
MD5

432821ba793e5f81fe8b200e7947d860
SHA1

feaf819f0959a4c41c3f482a123d83bbd659657c
SHA256

8d18ad9831248e22c7e66f60d7cfcaa2b6832f7371874309266e3c45fb7ae424
SHA512

784d9e94a5a0db254be6486e93eb33e3bb9d8805570e681a4ec38a4ee65bdf6a019cb8b49092a4cf30d19a871fe8e6342a4277b9bf366a1e7ee047a28edb602b
SSDEEP

98304:J2KGX4/fuv7pCcJ+mZxexgqnY6zSswqn4:J2Kpuv7scRZxZuslG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
432821ba793e5f81fe8b200e7947d860_NeikiAnalytics

Files

432821ba793e5f81fe8b200e7947d860_NeikiAnalytics
.exe windows:5 windows x64 arch:x64

ea062c4b5e2771809708198c5a75f1fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

SetDlgItemTextA
SetWindowTextA
DialogBoxParamA
EndDialog
GetDlgItem
DefDlgProcA
LoadIconA
LoadCursorA
RegisterClassA
SendDlgItemMessageA
ExitWindowsEx
EnumWindows
IsIconic
ShowWindow
SetForegroundWindow
GetLastActivePopup
IsWindowVisible
GetWindowThreadProcessId
FindWindowA
GetParent
GetDesktopWindow
GetWindowRect
CopyRect
OffsetRect
SetWindowPos
MessageBoxA
MessageBoxW

advapi32

AdjustTokenPrivileges
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

comdlg32

GetOpenFileNameA

kernel32

HeapReAlloc
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
GetFileAttributesW
WriteConsoleA
SetEnvironmentVariableW
LoadLibraryW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
SetStdHandle
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CompareStringA
CompareStringW
SetEndOfFile
GetTimeZoneInformation
DeleteFileW
CreateFileW
SetFilePointer
GetLastError
WriteFile
ReadFile
GetProcAddress
LoadLibraryA
GetUserDefaultLCID
CloseHandle
CreateFileA
CreateDirectoryA
GetLongPathNameW
ExitProcess
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
FindFirstFileW
GetShortPathNameA
GetModuleFileNameA
GetShortPathNameW
GetModuleFileNameW
GetWindowsDirectoryA
GetLongPathNameA
GetEnvironmentVariableA
GetTempPathA
GetWindowsDirectoryW
GetEnvironmentVariableW
GetTempPathW
GetTempFileNameA
GetFullPathNameW
GetFullPathNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetConsoleOutputCP
GetCurrentProcessId
DuplicateHandle
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
SetEnvironmentVariableA
SearchPathA
GetProcessHeap
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
ReleaseSemaphore
CreateSemaphoreA
GetCommandLineW
Sleep
SizeofResource
LockResource
LoadResource
FindResourceA
SetConsoleTitleA
GetTickCount
GetConsoleTitleA
AllocConsole
GetModuleHandleA
CreateProcessW
SetCurrentDirectoryW
SetThreadPriority
CreateThread
SetCurrentDirectoryA
GetCurrentDirectoryA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetSystemTimeAsFileTime
CreateDirectoryW
RemoveDirectoryW
HeapAlloc
HeapFree
WriteConsoleW
GetFileType
GetStdHandle
DebugBreak
GetModuleHandleW
GetCommandLineA
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
SetHandleCount
HeapSetInformation
HeapCreate
GetCPInfo

Sections

.text
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea062c4b5e2771809708198c5a75f1fb

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

comctl32

comdlg32

kernel32

Sections

.text Size: 206KB - Virtual size: 205KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 9KB - Virtual size: 88KB

.pdata Size: 8KB - Virtual size: 8KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 206KB - Virtual size: 205KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 9KB - Virtual size: 88KB

.pdata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 1KB