c4160b0d946541b0347ef3bf554145c0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

c4160b0d946541b0347ef3bf554145c0_NeikiAnalytics
Size

546KB
MD5

c4160b0d946541b0347ef3bf554145c0
SHA1

fc8293e4811f83704cebad00afddb0e682f86400
SHA256

a733ccbb70d8b75e4a86a4bcc8c30b404313aa54012daddaff833ee1729133ba
SHA512

eb9cdea644b231875119caea775a0092d8cb2e87cd78e0578efde29c6f4b023cd16113f1a7b5ebcf7017d8c9500dc3172b067a3d16676ff22e54045fcec75ff9
SSDEEP

12288:MNdF/WaQ1IRHLOq+p/Ew45SoqWOfy9ZTfNnAjXNxKdITsSt4V:CD/WaEErp+p2SxUWXNxKdITXto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4160b0d946541b0347ef3bf554145c0_NeikiAnalytics

Files

c4160b0d946541b0347ef3bf554145c0_NeikiAnalytics
.dll windows:5 windows x86 arch:x86

04ca7ec55189e0aa4295153eb16296ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\se6\src\build\Release\SeAppMgr.pdb

Imports

msimg32

AlphaBlend

psapi

GetProcessImageFileNameW

kernel32

DeleteFileW
RemoveDirectoryW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
FindNextFileW
FindClose
GetTickCount
CreateFileW
WriteFile
MoveFileExW
GetTempFileNameW
GetTempPathW
CopyFileW
LocalFree
RaiseException
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetCurrentProcess
FlushInstructionCache
GetSystemInfo
WaitForSingleObject
TerminateThread
LoadLibraryW
GetProcAddress
FreeLibrary
lstrlenW
WideCharToMultiByte
Sleep
lstrlenA
MultiByteToWideChar
CreateEventW
SetEvent
FreeResource
LoadResource
FindResourceW
SizeofResource
LockResource
OpenProcess
InitializeCriticalSection
DeleteCriticalSection
VirtualProtect
ReadProcessMemory
GetModuleHandleExW
InterlockedDecrement
CreateSemaphoreW
ReleaseSemaphore
GetSystemTime
SystemTimeToFileTime
ResumeThread
SuspendThread
SetThreadPriority
CreateMutexW
GetLastError
GetFileTime
GetLocalTime
OutputDebugStringW
SetFileAttributesW
GlobalAlloc
GlobalLock
GlobalUnlock
CreateProcessW
ExpandEnvironmentStringsW
GlobalFree
LocalAlloc
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
MoveFileExA
DeleteFileA
GetShortPathNameW
GetEnvironmentVariableW
FormatMessageW
GetFileSizeEx
DeviceIoControl
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapDestroy
HeapCreate
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
IsValidCodePage
GetOEMCP
GetACP
HeapSize
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
GetFileType
SetStdHandle
HeapReAlloc
GetConsoleMode
GetConsoleCP
GetCommandLineA
ExitProcess
ExitThread
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
LoadLibraryA
InterlockedExchange
FindFirstFileW
CreateDirectoryW
CreateThread
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileIntW
WaitForMultipleObjects
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
GetModuleHandleW
DisableThreadLibraryCalls
SetEnvironmentVariableW
OpenThread
ReadFile
GetUserDefaultLCID
QueryPerformanceCounter
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCommandLineW
GetNativeSystemInfo
GetSystemDirectoryW
GetVersionExW
GetUserDefaultLangID
SetFilePointer
VirtualFree
VirtualAlloc
GetModuleHandleA
ReleaseMutex
InterlockedExchangeAdd
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
GetFileAttributesW
GetCurrentDirectoryW
GetWindowsDirectoryW
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
SetEndOfFile
SetFilePointerEx
FlushFileBuffers
SetUnhandledExceptionFilter
TerminateProcess
GetStdHandle
InterlockedIncrement

user32

FindWindowExW
GetWindowThreadProcessId
ScreenToClient
ShowWindow
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
DialogBoxParamW
GetMessagePos
MessageBoxW
SetTimer
KillTimer
GetDC
ReleaseDC
LoadImageW
GetMessageW
PeekMessageW
PostThreadMessageW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
DestroyWindow
DefWindowProcW
SetWindowLongW
EndDialog
DrawTextW
DrawIcon
EndPaint
BeginPaint
LoadIconW
CheckDlgButton
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
GetDlgItem
SetWindowPos
GetWindow
SendMessageW
GetTopWindow
DestroyIcon
PostMessageW
CharLowerW
IsWindow
CallWindowProcW
UnregisterClassA

gdi32

CreateCompatibleDC
BitBlt
GetDIBits
CreateDIBSection
GetObjectW
CreateFontW
GetTextExtentPoint32W
DeleteObject
SetBkMode
SelectObject
DeleteDC

Exports

Exports

AppMgrGetChannelDispatch
AppMgrInit
AppMgrRun
IsValidPEInProc
UpdateAppsAtSetup
UpdateAppsAtSetupEx

Sections

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04ca7ec55189e0aa4295153eb16296ea

Headers

File Characteristics

PDB Paths

Imports

msimg32

psapi

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 412KB - Virtual size: 412KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 26KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 412KB - Virtual size: 412KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 26KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 25KB - Virtual size: 24KB