6b111ab2aa6545345c1bc2c52e5055d0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

6b111ab2aa6545345c1bc2c52e5055d0_NeikiAnalytics
Size

3.6MB
MD5

6b111ab2aa6545345c1bc2c52e5055d0
SHA1

1a7d338fe11a43476405ecf41d7f2e671f64587d
SHA256

b3716d1f6b8418b022ac0a35dadb27b092b645a07cda4abce710ff142f1837ef
SHA512

664b76ad4d175ae91d5055ae2bed570f93bead2a683441b5a1cbf90a2cc8b41db869263d9b84fca3d6a48ef32739512c195f827a8cee5f79db1f1d1b38904b2c
SSDEEP

49152:+VaCXb1QHFdczdPQPjLFVXQ/GIFt/kl0LudCTJ8qKFolYAn5jqKdxogNkQKP:+oCLK+PItNIFt/kl0cbildjqK/ogeQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b111ab2aa6545345c1bc2c52e5055d0_NeikiAnalytics

Files

6b111ab2aa6545345c1bc2c52e5055d0_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

37c64c7a06dcf84eebf77f507fc6f604

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\projects\vim-win32-build\dist\x86\vim\src\gvim.pdb

Imports

kernel32

SetCurrentDirectoryW
CreateJobObjectA
GetComputerNameW
GetCurrentProcessId
GlobalMemoryStatusEx
CreateProcessW
GetFileType
TerminateJobObject
BackupRead
BackupSeek
GetEnvironmentStringsW
FreeEnvironmentStringsA
SetConsoleTitleW
MoveFileW
GenerateConsoleCtrlEvent
GetExitCodeProcess
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalSize
GlobalAlloc
LocalHandle
lstrlenA
LocalAlloc
GetConsoleMode
GetNumberOfConsoleInputEvents
ConnectNamedPipe
DisconnectNamedPipe
GetOverlappedResult
FlushFileBuffers
DecodePointer
FreeConsole
GlobalFree
Process32Next
GetVersionExA
LoadLibraryA
CreateFileA
AttachConsole
GetFileInformationByHandle
Sleep
CreateToolhelp32Snapshot
SetFileAttributesW
SetCurrentDirectoryA
ResumeThread
PeekNamedPipe
GetConsoleTitleW
SetErrorMode
HeapSize
WriteConsoleW
GetStringTypeW
GetProcessId
GetProcessHeap
GetCommandLineA
FindFirstFileExW
GetTimeZoneInformation
SetEndOfFile
WaitForMultipleObjects
AssignProcessToJobObject
WriteFile
GetCurrentProcess
GetFullPathNameW
GetCommandLineW
CreateNamedPipeA
VirtualProtect
SetHandleInformation
Process32First
GetModuleFileNameA
ReadFile
VirtualQuery
MulDiv
GlobalUnlock
IsBadReadPtr
FormatMessageA
LocalFree
GlobalLock
GetSystemInfo
GetFileAttributesW
CreateFileW
GetLocaleInfoA
FreeLibrary
GetProcAddress
GetLastError
IsValidCodePage
GetACP
GetCPInfo
IsDBCSLeadByteEx
CreateProcessA
GetStartupInfoA
WaitForSingleObject
CreatePipe
TerminateProcess
GetShortPathNameW
GetLongPathNameW
GetTempFileNameW
DeleteFileW
GetCurrentDirectoryW
FindClose
GetTempPathW
FindNextFileW
FindFirstFileW
GetTickCount
DebugBreakProcess
CloseHandle
OpenProcess
FreeEnvironmentStringsW
GetOEMCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileSizeEx
HeapAlloc
HeapFree
HeapReAlloc
GetStdHandle
GetModuleFileNameW
GetConsoleCP
DuplicateHandle
ReadConsoleW
SetConsoleCtrlHandler
GetFileAttributesExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RemoveDirectoryW
CreateDirectoryW
SetEnvironmentVariableW
VirtualAlloc
SetStdHandle
SetFilePointerEx
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
EncodePointer
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleA
WideCharToMultiByte

advapi32

GetUserNameW
RegQueryValueA
OpenProcessToken
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupPrivilegeValueA
GetAce
GetAclInformation
AdjustTokenPrivileges
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey

shell32

DragFinish
DragAcceptFiles
DragQueryPoint
DragQueryFileW
CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconA
DragQueryFileA

gdi32

CreateSolidBrush
ExtTextOutW
GetNearestColor
SelectObject
StartPage
EndDoc
GetDCOrgEx
GetDeviceCaps
DeleteDC
TextOutW
GetTextExtentPoint32W
SetTextColor
SetBkMode
CreateFontIndirectA
MoveToEx
DeleteObject
CreateDCA
GetTextMetricsA
CreateFontIndirectW
SetTextAlign
SetAbortProc
StartDocW
EndPage
CreateBitmap
CreateCompatibleDC
CreateFontA
ExtTextOutA
BitBlt
GetCurrentObject
GetBkMode
GetObjectW
CreatePen
LineTo
GetTextExtentPointA
GetPixel
GdiFlush
GetTextExtentPointW
SetBkColor
SetPixel
EnumFontFamiliesW

comdlg32

GetSaveFileNameW
ReplaceTextW
FindTextW
ChooseFontW
CommDlgExtendedError
PrintDlgW
GetOpenFileNameW

ole32

StringFromCLSID
OleUninitialize
CoRegisterClassObject
OleInitialize
CoRevokeClassObject
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree

netapi32

NetUserEnum
NetApiBufferFree

user32

mouse_event
ScrollWindowEx
IntersectRect
IsRectEmpty
DestroyMenu
GetMessageTime
SetMenu
MoveWindow
GetSysColor
GetMonitorInfoA
GetDlgItemTextW
LoadBitmapA
GetKeyboardLayout
FrameRect
GetWindowLongA
MapWindowPoints
RegisterClassW
CallWindowProcA
FindWindowExA
ClientToScreen
SetWindowLongA
DestroyIcon
RedrawWindow
SetTimer
GetCapture
RegisterWindowMessageA
OffsetRect
DialogBoxIndirectParamA
GetClassInfoW
ShowWindow
TrackPopupMenu
DestroyCursor
GetWindowPlacement
GetScrollPos
IsZoomed
CreatePopupMenu
MessageBeep
SetWindowTextW
SetParent
EndDialog
GetCursor
SendMessageW
ScreenToClient
CreateWindowExW
FillRect
GetMenuItemCount
SetActiveWindow
MonitorFromWindow
InvertRect
InsertMenuA
SetWindowPos
IsWindowVisible
GetDC
InsertMenuItemW
LoadCursorA
GetWindowRect
GetWindow
MonitorFromPoint
ShowScrollBar
GetKeyState
GetMenuState
DefWindowProcW
GetMessageW
SetScrollInfo
MessageBoxA
GetCaretBlinkTime
GetDlgItem
IsIconic
SetCursorPos
GetCursorPos
GetMenuItemRect
DrawIconEx
KillTimer
SystemParametersInfoW
CreateMenu
InvalidateRect
PtInRect
UpdateWindow
DrawMenuBar
SetCapture
InsertMenuW
SetCursor
SetClassLongA
TrackPopupMenuEx
CreateDialogIndirectParamA
RemoveMenu
GetSystemMetrics
GetClientRect
ReleaseCapture
ShowCursor
WindowFromPoint
SetForegroundWindow
LoadIconA
MapVirtualKeyA
IsWindow
DestroyWindow
EnableWindow
ReleaseDC
GetParent
EnableMenuItem
GetDesktopWindow
BeginPaint
EndPaint
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
RegisterClipboardFormatA
GetFocus
MessageBoxW
CharLowerBuffA
GetSystemMenu
LoadImageA
EnumChildWindows
PostMessageA
GetClassNameA
wsprintfA
GetDlgItemTextA
DispatchMessageW
IsDialogMessageW
PeekMessageW
GetWindowTextA
CharUpperBuffA
SetDlgItemTextW
SetWindowTextA
RegisterClassA
EnumWindows
DefWindowProcA
CreateWindowExA
SetFocus
TranslateMessage
SendDlgItemMessageA
SendMessageA
GetWindowDC
CreateDialogParamA
SystemParametersInfoA
MsgWaitForMultipleObjects

comctl32

CreateToolbarEx
ord17

oleaut32

UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
RevokeActiveObject
LoadRegTypeLi
SetErrorInfo
RegisterActiveObject

winmm

mciSendStringA
mciGetDeviceIDA
PlaySoundW
mciSendStringW

wsock32

recv
htons
closesocket
select
send
socket
connect
WSAStartup
WSACleanup
WSAGetLastError
__WSAFDIsSet
inet_ntoa

ws2_32

getaddrinfo
inet_ntop
freeaddrinfo

Exports

Exports

scheme_external_get_thread_local_variables

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37c64c7a06dcf84eebf77f507fc6f604

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

gdi32

comdlg32

ole32

netapi32

user32

comctl32

oleaut32

winmm

wsock32

ws2_32

Exports

Exports

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 161KB - Virtual size: 209KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 213KB - Virtual size: 213KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 161KB - Virtual size: 209KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 213KB - Virtual size: 213KB