c49f71ded861fa0ff4c4bad725263f20_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

c49f71ded861fa0ff4c4bad725263f20_NeikiAnalytics
Size

9.5MB
MD5

c49f71ded861fa0ff4c4bad725263f20
SHA1

2ce9f1fa1e9af09da6b830e0d865bfd5bc94f832
SHA256

72751f137656617ade0aa376218d572fcc3db79bcbd6251f00a0411ed4cfb98b
SHA512

91c0138afe3a9b7d523089713b9de5e11299901dbc3a057229c291a92e60722e7ea9a3df0761f2542f052754b9115feb2a4c0e22ae64574fe1570d71e9f0c157
SSDEEP

98304:JvDllDK+JLdHgO2ww2bzMcOe8oxTaRae55IRx5dH:JvDllG+jb2V2BxTaRa65IRV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c49f71ded861fa0ff4c4bad725263f20_NeikiAnalytics

Files

c49f71ded861fa0ff4c4bad725263f20_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

fa83f1c3a1dd9268fb9039d721b0ac95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
TerminateProcess
GetProcessHeap
HeapAlloc
GetStartupInfoA
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FindResourceW
LoadResource
LockResource
GetVersionExW
FreeResource
GetCommandLineW
GetSystemDirectoryW
ExpandEnvironmentStringsW
lstrlenW
GetCurrentThreadId
lstrcmpW
GetModuleFileNameW
GetFullPathNameW
GetSystemDefaultLangID
HeapReAlloc
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
CompareStringW
GetFileSize
ReadFile
GetWindowsDirectoryW
CreateFileW
SetFilePointer
LockFile
WriteFile
UnlockFile
CloseHandle
HeapFree
GetProcAddress
LoadLibraryW
GetCurrentProcess
FreeLibrary

user32

GetWindowLongW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
BringWindowToTop
IsIconic
GetParent
CreateWindowExW
RegisterClassExW
LoadCursorW
SetWindowLongW
ChildWindowFromPoint
SetWindowTextW
GetClientRect
ActivateKeyboardLayout
DestroyMenu
LoadMenuW
LoadImageW
LoadIconW
GetSystemMetrics
EnumWindows
DispatchMessageW
TranslateMessage
GetMessageW
GetWindow
SendMessageA
CreateWindowExA
SetWindowTextA
DialogBoxParamW
GetKeyState
EndDialog
GetDlgItemTextW
SetWindowPos
SetFocus
FrameRect
GetClassInfoExW
UnregisterClassW
GetWindowRect
ScreenToClient
GetSysColorBrush
FillRect
MessageBeep
DestroyWindow
PostQuitMessage
GetDlgItem
EnableWindow
GetWindowThreadProcessId
PostMessageW
BeginPaint
GetSysColor
DrawEdge
EndPaint
SetRect
ScrollWindow
UpdateWindow
GetDC
ReleaseDC
SetScrollInfo
SendMessageW
ShowWindow
MessageBoxW
LoadStringW
RedrawWindow
GetClassNameW

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegCloseKey

gdi32

GetTextMetricsW
GetStockObject
CreateFontIndirectW
GetDeviceCaps
DeleteDC
DeleteObject
BitBlt
GetTextExtentPoint32W
TextOutW
SetTextAlign
SetBkMode
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
LineDDA
ExtTextOutW
SetBkColor
SetTextColor
GetObjectW
SelectObject

imm32

ImmGetCompositionStringW
ImmSetCompositionStringW
ImmNotifyIME
ImmGetContext
ImmSetOpenStatus
ImmGetIMEFileNameW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

msvcrt

memmove
wcsncpy
_itow
??2@YAPAXI@Z
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
__CxxFrameHandler
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
_except_handler3
?terminate@@YAXXZ
_vsnwprintf
??3@YAXPAX@Z
_initterm
_CxxThrowException

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa83f1c3a1dd9268fb9039d721b0ac95

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

imm32

comdlg32

msvcrt

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB