9d1ee0e0858d1b1507c321057ddbbcd0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

9d1ee0e0858d1b1507c321057ddbbcd0_NeikiAnalytics
Size

1.9MB
MD5

9d1ee0e0858d1b1507c321057ddbbcd0
SHA1

966d8c767d975faccd181fddc6346993a71af2b6
SHA256

dbd667b1f77c22f7d417489773d5f9bc6c70115dcba7a8219e1b3a8435cbb71b
SHA512

07f9b6b128429e5731d7a258820e52bcff446346c7f5bfd7a8a8851aeeb4599fb8a3a6565d66a99dbc433b18e2617b472c1178d6592e1468f50798e20dace071
SSDEEP

24576:iMkAdkygmH3ZxJgXnuPqqmHTzisRdc3FiXEV43APgclaHW9AgufG/cPphJiy5W8Y:iMZd+mXZxJgXuTkDRd5EW3A4gxcLQc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d1ee0e0858d1b1507c321057ddbbcd0_NeikiAnalytics

Files

9d1ee0e0858d1b1507c321057ddbbcd0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

23a6ae01d5c93bbd91a0fbc6c134c5ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
GetCommandLineA
RtlUnwind
HeapSize
ExitProcess
HeapReAlloc
TerminateProcess
VirtualAlloc
GetSystemInfo
VirtualQuery
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
InterlockedIncrement
FormatMessageW
GetVersion
WideCharToMultiByte
SizeofResource
GlobalFlags
RaiseException
FindResourceW
LoadResource
LockResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
MultiByteToWideChar
GetLastError
SetLastError
SetErrorMode
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
lstrcpyW
lstrcatW
lstrlenW
lstrcpynW
GetCurrentThreadId
CloseHandle
InterlockedDecrement
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
LeaveCriticalSection
LocalFree
LocalAlloc
HeapAlloc
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualProtect
HeapFree

comctl32

ord17

shlwapi

PathFindExtensionW
PathFindFileNameW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
IsWindowEnabled
SetWindowTextW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassNameW
SetPropW
GetPropW
RemovePropW
DestroyMenu
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MessageBoxW
EnableWindow
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
PostQuitMessage
GetClassLongW
UnhookWindowsHookEx
ValidateRect
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
PeekMessageW
GetKeyState
SendMessageW
DispatchMessageW
CallNextHookEx
SetWindowsHookExW
UnregisterClassW
LoadBitmapW
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetFocus
GetParent
MapWindowPoints

gdi32

DeleteObject
SaveDC
RestoreDC
DeleteDC
GetStockObject
ScaleViewportExtEx
SetTextColor
GetClipBox
GetDeviceCaps
SetBkColor
ScaleWindowExtEx
SetWindowExtEx
CreateBitmap
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetMapMode

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

oleaut32

VariantInit
VariantChangeType
VariantClear

Exports

Exports

GetLocalizedDllInfo

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23a6ae01d5c93bbd91a0fbc6c134c5ed

Headers

File Characteristics

Imports

kernel32

comctl32

shlwapi

oleacc

user32

gdi32

winspool.drv

oleaut32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.reloc Size: 20KB - Virtual size: 18KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

.reloc
Size: 20KB - Virtual size: 18KB