Static task: static1
Behavioral task: behavioral1
Sample: 75a9c3b565f189f41f168dd343e27a40_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 75a9c3b565f189f41f168dd343e27a40_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 75a9c3b565f189f41f168dd343e27a40_NeikiAnalytics
Size: 364KB
MD5: 75a9c3b565f189f41f168dd343e27a40
SHA1: 4770753dba72d7b819b98b7c59d33168be5d068b
SHA256: d8e5bcf5afa686cb144ed14bff430303fe33151bb2a5fe445cf9ce995d9a2b49
SHA512: b96b918bf44bdc26d79bb8bc6aa95d7df6e064e01d4843008475a3a06257c9079ca2ee97aa12d4c7be25b97f3395111ff4d9758cc975facf530ebd90e59833e8
SSDEEP: 6144:clyCVMpXHuttviAWYcEWla98gH+/V9AlWrB8dJFwYP1GQzUp:myZXOtirq8gwcQ18yGGQzUp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 75a9c3b565f189f41f168dd343e27a40_NeikiAnalytics
Files
75a9c3b565f189f41f168dd343e27a40_NeikiAnalytics.exe windows:4 windows x86 arch:x86
a9c93a4d59a99c0772b07c90ef62feca
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
GlobalDeleteAtom
GlobalAddAtomA
CreateProcessA
GetTempFileNameA
GetVersion
GetVersionExA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
lstrlenA
GlobalFree
GetTempPathA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemTime
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
CreateDirectoryA
SetErrorMode
GlobalAlloc
GlobalLock
GlobalUnlock
GetExitCodeProcess
GetCommandLineA
SetFilePointer
ReadFile
CreateFileA
WriteFile
CloseHandle
GetCurrentThreadId
RemoveDirectoryA
GetModuleFileNameA
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
DialogBoxParamA
GetTopWindow
GetClassNameA
GetWindow
LoadIconA
RegisterClassA
LoadImageA
RegisterClassExA
OemToCharA
GetAsyncKeyState
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
GetSystemMetrics
IsWindowVisible
LockWindowUpdate
SendMessageA
GetWindowLongA
AdjustWindowRectEx
IsZoomed
SetWindowPos
GetClientRect
SetWindowTextA
IsDialogMessageA
SetTimer
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
MessageBoxA
IsClipboardFormatAvailable
wsprintfA
ShowWindow
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenu
InvalidateRect
ClientToScreen
SetCursorPos
GetKeyboardState
GetCursorPos
ScreenToClient
CopyRect
UnhookWindowsHookEx
KillTimer
SetWindowsHookExA
CallNextHookEx
DestroyIcon
GetMenuState
DeleteMenu
GetSubMenu
GetDC
CreateIconIndirect
ReleaseDC
MsgWaitForMultipleObjects
PeekMessageA
GetMessageA
TranslateMDISysAccel
DispatchMessageA
TranslateMessage
InvertRect
CloseClipboard
SetRect
LoadStringA
EnumThreadWindows
SetForegroundWindow
WinHelpA
MapWindowPoints
UpdateWindow
SetWindowLongA
RedrawWindow
GetDesktopWindow
SetFocus
GetSysColor
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetParent
DestroyWindow
SetScrollPos
SetScrollRange
CreateWindowExA
UnionRect
GetPropA
SetPropA
CallWindowProcA
RemovePropA
GetFocus
GetWindowPlacement
SetWindowPlacement
GetMenuItemCount
LoadMenuIndirectA
DestroyMenu
DrawMenuBar
EndDialog
SendDlgItemMessageA
GetDlgItemTextA
GetInputState
MapVirtualKeyA
GetDlgItem
PtInRect
EndPaint
BeginPaint
SetDlgItemTextA
FillRect
GetUpdateRect
IsIconic
DefMDIChildProcA
ModifyMenuA
GetMenuStringA
GetMenuItemID
GetTabbedTextExtentA
DrawTextA
DrawEdge
SystemParametersInfoA
PostQuitMessage
IntersectRect
DrawFocusRect
gdi32
RealizePalette
SelectPalette
CreateFontIndirectA
GetObjectA
LineTo
MoveToEx
SelectObject
Rectangle
CreatePen
CreateSolidBrush
GetStockObject
SetBkMode
SetTextColor
GetTextExtentPointA
GetDeviceCaps
GetTextMetricsA
SetROP2
SetBkColor
GetNearestPaletteIndex
SetTextAlign
DPtoLP
CreateHatchBrush
Polygon
SetPolyFillMode
TextOutA
SelectClipRgn
CreateRectRgn
LPtoDP
CreatePalette
CreateBitmap
CreateCompatibleBitmap
SetDIBits
GetCharWidthA
DeleteObject
comdlg32
GetSaveFileNameA
GetOpenFileNameA
advapi32
RegCloseKey
RegOpenKeyA
RegQueryValueA
shell32
DragAcceptFiles
DragQueryFileA
ShellExecuteA
ShellExecuteExA
mmfs2
comctl32
ord17
winmm
timeBeginPeriod
joyGetPosEx
timeGetTime
timeEndPeriod
joyGetDevCapsA
msvcrt
_strlwr
free
_ftol
??3@YAXPAX@Z
remove
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_strupr
isalnum
_strnicmp
_makepath
isalpha
isdigit
tolower
isspace
_msize
_heapmin
_findfirst
_findnext
_findclose
_rmdir
_splitpath
_chdrive
_chdir
strrchr
strchr
_CIpow
_CIfmod
strstr
_CIacos
_CIasin
floor
ceil
atof
modf
toupper
_stricmp
strncpy
_ltoa
sprintf
_fcvt
_gcvt
__CxxFrameHandler
realloc
calloc
memmove
??2@YAPAXI@Z
malloc
Sections
.text Size: 300KB - Virtual size: 298KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ