051dacf87d6aa73353f732d304f433d0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

051dacf87d6aa73353f732d304f433d0_NeikiAnalytics
Size

262KB
MD5

051dacf87d6aa73353f732d304f433d0
SHA1

b18e6b290aa315cfe7b3b8ef2c001f85378abef0
SHA256

861308151d5c9b95a887aa814cb159a5b70a6d5b0576bec2ae87bea64c6f4ca8
SHA512

4d93f07e541eccdf1cd19bf5bf9b2738abb9bebf16b173d9cd291102d1b1d410b3710f76dbf276eb60985a0eda43f47ef8c64a96668ea32a1e1ae2594407182a
SSDEEP

3072:LzWeE21uq6uZcxQfVVVVj/c9s7zN61k1w2m9rdb7wHBZbxu6Rl8MtT4p4dYfyO7U:LP1uCckVVLc4JC4VM2HrbxrSMSpFB7A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
051dacf87d6aa73353f732d304f433d0_NeikiAnalytics

Files

051dacf87d6aa73353f732d304f433d0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

92f37d4bf5b2faf332a723fd20d09322

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCharABCWidthsFloatW
GetEnhMetaFileDescriptionW
PatBlt
SetDIBColorTable
SetStretchBltMode
GetEnhMetaFileA
GetStockObject
CreateFontW
GetColorSpace
Arc
SetDIBitsToDevice
ChoosePixelFormat
GetGlyphOutlineA
EnumICMProfilesW
DeleteColorSpace
CreateBitmap
LPtoDP
SetEnhMetaFileBits
EnumFontFamiliesExA
SetAbortProc
CreateEnhMetaFileW
AddFontResourceW
GetRgnBox

wininet

InternetOpenUrlA
FindFirstUrlCacheContainerA
ReadUrlCacheEntryStream
FtpPutFileW
GopherGetLocatorTypeW
HttpSendRequestExW
InternetWriteFileExW
HttpAddRequestHeadersW
ShowSecurityInfo
InternetQueryFortezzaStatus
GopherGetAttributeW
UrlZonesDetach
GopherCreateLocatorW
SetUrlCacheGroupAttributeW

advapi32

DuplicateTokenEx
CreateServiceA
CryptGenRandom
RegQueryInfoKeyW
CryptDecrypt
CryptSetProviderW
RegRestoreKeyW
RegEnumKeyW

shell32

CheckEscapesW
RealShellExecuteExA
SHGetPathFromIDList
ExtractIconExA
DoEnvironmentSubstA
DragAcceptFiles
SHGetPathFromIDListW
SHLoadInProc
FindExecutableA
ExtractAssociatedIconExW
SHEmptyRecycleBinA
ShellExecuteEx
SHFileOperation

kernel32

VirtualQuery
SetEnvironmentVariableA
HeapFree
EnterCriticalSection
CompareStringW
VirtualFree
TerminateProcess
FreeEnvironmentStringsW
GetOEMCP
EnumSystemLocalesA
InterlockedIncrement
GetStdHandle
GetThreadPriorityBoost
GetShortPathNameA
GetTimeFormatA
TlsGetValue
GetProcAddress
CompareStringA
IsDebuggerPresent
GetLocaleInfoA
LCMapStringA
GetTimeZoneInformation
GetCommandLineA
InterlockedDecrement
FreeLibrary
GetACP
GetUserDefaultLCID
QueryPerformanceCounter
GetCurrentProcess
GetTickCount
ExitProcess
TlsSetValue
GetModuleHandleW
GetModuleHandleA
MultiByteToWideChar
GetStartupInfoA
Sleep
GetCurrentThread
HeapAlloc
WriteFile
LeaveCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapReAlloc
SetLastError
TlsAlloc
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetEnvironmentStringsW
LCMapStringW
DeleteCriticalSection
HeapCreate
UnhandledExceptionFilter
LoadLibraryA
GetLastError
GetCurrentProcessId
TlsFree
GetFileType
SetLocaleInfoW
GetModuleFileNameA
GetConsoleScreenBufferInfo
HeapSize
GetCurrentThreadId
InterlockedExchange
RtlUnwind
HeapDestroy
IsValidCodePage
GetSystemTimeAsFileTime
GetDateFormatA
VirtualAlloc
SetHandleCount
GetLocaleInfoW
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetStringTypeA
IsValidLocale

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92f37d4bf5b2faf332a723fd20d09322

Headers

File Characteristics

Imports

gdi32

wininet

advapi32

shell32

kernel32

Sections

.text Size: 137KB - Virtual size: 136KB

.data Size: 113KB - Virtual size: 112KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 137KB - Virtual size: 136KB

.data
Size: 113KB - Virtual size: 112KB

.rsrc
Size: 11KB - Virtual size: 10KB