Static task: static1
Behavioral task: behavioral1
Sample: 008d181d95472f50949648e9e2569440_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 008d181d95472f50949648e9e2569440_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
General
Target: 008d181d95472f50949648e9e2569440_NeikiAnalytics
Size: 469KB
MD5: 008d181d95472f50949648e9e2569440
SHA1: 4f0b31e3c70286d2de07e8bc34919b7518eb88bd
SHA256: 9919c653aa91a899c79a4532ee4e4006b4ee62db953412a54f244ca75bbb4065
SHA512: 7c39d59e3c93ee25a30f8be9931f6faafdb217e4a3f7ffa6ecc86b5bb373e974816de2a8844f136f308155ea8bcd1a6135493a0428f8ca42b1418ca1bdd2df6c
SSDEEP: 12288:dkBuG/HGNU834H3r8hqF8ONZw8QCVFWFWNvr:SuG/YQ3rsqFvNZw8HJNr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 008d181d95472f50949648e9e2569440_NeikiAnalytics
Files
008d181d95472f50949648e9e2569440_NeikiAnalytics.exe windows:4 windows x86 arch:x86
02f3b346c573902220575047b31a0204
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
ChooseFontA
GetOpenFileNameW
gdi32
CreatePen
InvertRgn
ExtCreatePen
GetBoundsRect
GetDCOrgEx
GetClipRgn
GetCharacterPlacementW
ExtTextOutA
SelectClipRgn
CreateBitmap
GetKerningPairsW
GetTextFaceA
SetTextJustification
SetMapperFlags
ExcludeClipRect
BitBlt
GetRegionData
advapi32
CryptDuplicateHash
CryptEncrypt
CreateServiceW
LookupAccountNameA
RegSetValueExW
CryptDeriveKey
CryptGetDefaultProviderA
RegCreateKeyExW
CryptDuplicateKey
CryptEnumProviderTypesW
RegCloseKey
CreateServiceA
RegEnumKeyExA
RegRestoreKeyA
CryptReleaseContext
LogonUserW
RegConnectRegistryW
RegEnumKeyExW
CryptGenKey
CryptHashData
wininet
ShowX509EncodedCertificate
FtpRenameFileW
InternetCreateUrlW
InternetGetConnectedStateExW
GetUrlCacheConfigInfoW
FtpOpenFileA
FtpCommandW
InternetSetOptionExW
RetrieveUrlCacheEntryFileW
InternetGoOnlineA
InternetCheckConnectionW
InternetGetCookieW
InternetCombineUrlW
HttpSendRequestExA
FtpCreateDirectoryW
InternetUnlockRequestFile
InternetGetCertByURLA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
RegisterUrlCacheNotification
InternetLockRequestFile
FtpRenameFileA
InternetSetCookieW
FindNextUrlCacheContainerA
kernel32
GetModuleHandleA
GetModuleFileNameW
GetEnvironmentStringsW
TlsFree
TlsGetValue
RtlUnwind
GetTimeFormatA
GetCPInfo
SetConsoleCtrlHandler
GetCurrentThreadId
GetProcAddress
HeapDestroy
EnterCriticalSection
GetVersionExA
LocalUnlock
GetStartupInfoW
SetConsoleTitleW
GetLastError
GetCurrentProcess
InterlockedExchange
GetStringTypeA
InterlockedDecrement
HeapValidate
UnhandledExceptionFilter
OpenEventW
LCMapStringA
TlsAlloc
CompareStringW
VirtualFree
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
ExitProcess
HeapAlloc
WriteConsoleOutputCharacterA
GetCommandLineA
InitializeCriticalSection
GetCurrentProcessId
GetEnvironmentStrings
CreateProcessW
QueryPerformanceCounter
SetHandleCount
GetOEMCP
LCMapStringW
GetDateFormatA
GetStringTypeW
LeaveCriticalSection
FreeEnvironmentStringsW
IsValidLocale
TerminateProcess
HeapSize
GetFileType
GetUserDefaultLCID
Sleep
GetLocaleInfoW
GetStdHandle
VirtualQuery
WideCharToMultiByte
EnumSystemLocalesA
GetProcessHeap
GetStartupInfoA
InterlockedIncrement
HeapCreate
HeapReAlloc
FreeLibrary
GlobalGetAtomNameW
GetACP
TlsSetValue
EnumSystemLocalesW
WriteFile
GetSystemTimeAsFileTime
HeapFree
SetEnvironmentVariableA
GetCurrentDirectoryW
GetTickCount
GetModuleFileNameA
GetTimeZoneInformation
IsValidCodePage
CompareStringA
GetCurrentThread
SetLastError
PulseEvent
IsDebuggerPresent
DeleteCriticalSection
VirtualAlloc
GetCommandLineW
GetLocaleInfoA
LoadLibraryA
MultiByteToWideChar
shell32
RealShellExecuteExA
SHGetDiskFreeSpaceA
SHAppBarMessage
SHGetPathFromIDList
Sections
.text Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 311KB - Virtual size: 310KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ