Static task: static1
Behavioral task: behavioral1
Sample: 9c1dc439e4214d6fc30585e0158e93c0_NeikiAnalytics.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 9c1dc439e4214d6fc30585e0158e93c0_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
General
Target: 9c1dc439e4214d6fc30585e0158e93c0_NeikiAnalytics
Size: 3.5MB
MD5: 9c1dc439e4214d6fc30585e0158e93c0
SHA1: f4a318bf408813a424b1c15caddc5f56c92d24e3
SHA256: 9247728b787649559a94d0c7dc32849be49f66946f39bb229fbadaa51b97d45b
SHA512: 2a1672553ec9e319f95e5503dda3cbb2c6a052a6dba309d3b472560ae45f18f80d1ad8752d366db1a41b985bb8d63113ff6bde0de8b123916d4e9af674655bfc
SSDEEP: 98304:A2Mh2XqMMMMMMMMbMMMMMMMMXSV/BEmxQxACTye0Gnuya:y2I6F/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9c1dc439e4214d6fc30585e0158e93c0_NeikiAnalytics
Files
9c1dc439e4214d6fc30585e0158e93c0_NeikiAnalytics.exe windows:5 windows x86 arch:x86
07c144ce2dff703440c130c8446c9926
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundW
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite
waveOutClose
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
comctl32
_TrackMouseEvent
ImageList_ReplaceIcon
kernel32
SetLastError
SetPriorityClass
SetStdHandle
SetThreadExecutionState
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
SetErrorMode
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
SetEnvironmentVariableW
SetEndOfFile
SetConsoleCtrlHandler
SearchPathW
ResumeThread
RemoveDirectoryW
ReleaseSemaphore
RtlUnwind
GetStartupInfoA
GetVersion
GetCurrentProcess
ReadFile
ReadConsoleW
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
OutputDebugStringA
MultiByteToWideChar
MulDiv
MoveFileW
lstrcpyW
lstrcmpW
lstrcmpiW
lstrcmpA
LockResource
LockFile
LocalUnlock
LocalReAlloc
LocalLock
LocalFree
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
SetHandleCount
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
InterlockedDecrement
LCMapStringW
IsValidLocale
IsValidCodePage
IsProcessorFeaturePresent
IsBadWritePtr
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameW
SetFileTime
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetVolumeInformationW
GetVersionExW
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatW
SetSystemPowerState
GetThreadLocale
GetTempPathW
GetTempFileNameW
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultLCID
GetStringTypeW
GetStringTypeExW
GetStdHandle
GetStartupInfoW
GetShortPathNameW
GetProfileIntW
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLongPathNameW
GetLogicalDriveStringsW
GetLocalTime
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentDirectoryW
GetCPInfo
GetConsoleOutputCP
GetACP
FreeLibraryAndExitThread
FreeLibrary
FreeEnvironmentStringsW
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitThread
ExitProcess
EnumSystemLocalesW
DuplicateHandle
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateFileW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetCommandLineW
GetConsoleMode
SetFilePointer
SetFileAttributesW
GlobalFree
SetEvent
InterlockedIncrement
GetStringTypeA
LCMapStringA
UnlockFile
user32
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoW
SetParent
SetPropW
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WindowFromDC
WinHelpW
SetDlgItemInt
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetCapture
SetActiveWindow
SendNotifyMessageW
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScrollWindowEx
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OpenClipboard
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
MapVirtualKeyExW
MapDialogRect
LockWindowUpdate
LoadMenuW
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsRectEmpty
IsMenu
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
IsCharLowerW
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InSendMessage
InflateRect
HideCaret
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetUpdateRect
GetTopWindow
GetTabbedTextExtentW
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenuCheckMarkDimensions
GetLastActivePopup
GetKeyState
GetKeyNameTextW
GetKeyboardState
GetKeyboardLayout
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FillRect
ExitWindowsEx
EqualRect
EnumChildWindows
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
ReuseDDElParam
UnpackDDElParam
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamW
CreateAcceleratorTableW
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableW
CloseClipboard
ClientToScreen
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CharNextW
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AppendMenuW
AdjustWindowRectEx
GetWindowDC
gdi32
EnumMetaFile
Escape
ExcludeClipRect
ExtCreatePen
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
FillRgn
FrameRgn
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetDIBits
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRgnBox
GetROP2
GetStockObject
GetStretchBltMode
GetSystemPaletteEntries
GetTextAlign
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32W
GetTextFaceW
CreateHatchBrush
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
LPtoDP
ModifyWorldTransform
MoveToEx
EndDoc
OffsetRgn
OffsetViewportOrgEx
EnumFontFamiliesW
PatBlt
PlayMetaFile
PlayMetaFileRecord
PolyBezierTo
PolyDraw
PolylineTo
PtInRegion
PtVisible
RealizePalette
Rectangle
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetColorAdjustment
SetDIBColorTable
SetDIBits
SetGraphicsMode
SetMapMode
SetMapperFlags
SetPaletteEntries
SetPixelV
SetPolyFillMode
SetRectRgn
SetROP2
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocW
StartPage
StretchDIBits
TextOutW
Ellipse
DPtoLP
EnumFontFamiliesExW
OffsetWindowOrgEx
EndPage
DeleteObject
DeleteMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePolygonRgn
CreatePen
CreatePatternBrush
CreatePalette
OffsetClipRgn
AbortDoc
CreateFontW
CreateFontIndirectW
CreateEllipticRgn
CreateDIBSection
CreateDIBPatternBrushPt
CreateDIBitmap
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileW
CombineRgn
CloseMetaFile
BitBlt
ArcTo
CreateMetaFileW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
comdlg32
GetOpenFileNameW
ChooseColorW
GetSaveFileNameW
advapi32
RegSetValueW
RegSetValueExW
RegQueryValueW
RegEnumValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
OpenProcessToken
LookupPrivilegeValueW
GetFileSecurityW
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
SetFileSecurityW
shell32
CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconW
ShellExecuteExW
ShellExecuteW
ole32
OleCreateFromData
OleCreateFromFile
OleCreateLinkFromData
OleCreateLinkToFile
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDestroyMenuDescriptor
OleDuplicateData
OleFlushClipboard
OleGetClipboard
OleGetIconOfClass
OleInitialize
OleIsCurrentClipboard
OleIsRunning
OleLoad
OleLockRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleRegEnumVerbs
OleRegGetMiscStatus
OleRegGetUserType
OleRun
OleSaveToStream
OleSetClipboard
OleSetContainedObject
OleSetMenuDescriptor
OleTranslateAccelerator
OleUninitialize
IsAccelerator
ReadClassStg
ReadFmtUserTypeStg
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
SetConvertStg
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgIsStorageFile
StgOpenStorage
StgOpenStorageOnILockBytes
StringFromCLSID
StringFromGUID2
WriteClassStg
WriteClassStm
WriteFmtUserTypeStg
CoRegisterMessageFilter
CoRegisterClassObject
CoLockObjectExternal
CoInitialize
CoGetMalloc
CoGetClassObject
CoFreeUnusedLibraries
CoDisconnectObject
CoCreateInstance
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
GetRunningObjectTable
GetHGlobalFromILockBytes
CreateStreamOnHGlobal
DoDragDrop
CreateOleAdviseHolder
CreateItemMoniker
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateGenericComposite
CreateDataAdviseHolder
CreateBindCtx
CoUninitialize
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
PropVariantCopy
CoRevokeClassObject
shlwapi
PathStripToRootW
PathRemoveFileSpecW
PathRemoveExtensionW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
Sections
.text Size: 768KB - Virtual size: 764KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 620KB - Virtual size: 620KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.button6 Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE