5850fc925c0490720769b7a907c43af0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

5850fc925c0490720769b7a907c43af0_NeikiAnalytics
Size

392KB
MD5

5850fc925c0490720769b7a907c43af0
SHA1

142f84ee570000fa4494330de6f05e2b2d4796ed
SHA256

cb206bb5885fdafa76310cd109b2aeffa5159bb891662bac6b0bbdb96a7fb0e9
SHA512

017336f013b66ae7243849ca4f45c765673c002c9bc41e8ddccc6c9e1ffa6a0a6c71b5141d3676a3f37d6461554dc95462a147b27e3e32ce86272309a05dd8ce
SSDEEP

6144:K+pmILsStzk9J/mCUgVk4ZjTeWCUHeECy7WyMuZEJF:K+8V9XUiZjTltgyKyMZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5850fc925c0490720769b7a907c43af0_NeikiAnalytics

Files

5850fc925c0490720769b7a907c43af0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

ae8c5b4634ad7d3328a9bea3dc8f3b2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

emersyspostprocessinglibrary

IVSE_Init
IVSE_SetAudioProp
IVSE_SetMode
IVSE_Processing
IVSE_SetManualEQParam
IVSE_Flush
IVSE_SetTuningParam

bass

BASS_ChannelPlay
BASS_ChannelIsActive
BASS_ChannelStop
BASS_ChannelSetPosition
BASS_ChannelSeconds2Bytes
BASS_StreamGetLength
BASS_ChannelPause
BASS_ChannelRemoveDSP
BASS_StreamCreateFile
BASS_ChannelSetDSP
BASS_ChannelSetSync
BASS_ChannelGetInfo
BASS_ChannelBytes2Seconds
BASS_ChannelGetPosition
BASS_Init
BASS_StreamFree

kernel32

GetOEMCP
WritePrivateProfileStringA
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
GetProcessHeap
GetStartupInfoA
SetStdHandle
GetFileType
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
SetHandleCount
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCPInfo
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
GetCurrentDirectoryA
GetModuleFileNameA
CompareStringA
CompareStringW
lstrlenA
CloseHandle
WriteFile
CreateFileA
OutputDebugStringA
GetTickCount
ReadFile
GetFileSize
SetLastError
MulDiv
LocalFree
FormatMessageA
GlobalFlags
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
InterlockedIncrement
TlsFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetCurrentProcessId
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetModuleHandleA
GetVersionExA
GetProcAddress
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
LoadLibraryA
GetThreadLocale
FreeEnvironmentStringsW

user32

InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
DestroyMenu
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowContextHelpId
MapDialogRect
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ReleaseDC
GetDC
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
MoveWindow
SetWindowTextA
InvalidateRect
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
IsDialogMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
IsWindow
LoadIconA
GetClientRect
IsIconic
DrawIcon
EnableWindow
SendMessageA
CharUpperA
GetSystemMetrics
GetWindowTextA
GetTopWindow

gdi32

SetMapMode
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps

comdlg32

GetFileTitleA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SysStringLen

winmm

mmioClose
mmioWrite
mmioCreateChunk
mmioOpenA
mmioAscend

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae8c5b4634ad7d3328a9bea3dc8f3b2e

Headers

File Characteristics

Imports

emersyspostprocessinglibrary

bass

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

winmm

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 24KB - Virtual size: 41KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 24KB - Virtual size: 41KB

.rsrc
Size: 40KB - Virtual size: 37KB