a48cffb9d7a45517aa89a3400ec66210_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

a48cffb9d7a45517aa89a3400ec66210_NeikiAnalytics
Size

4.2MB
MD5

a48cffb9d7a45517aa89a3400ec66210
SHA1

cb55e15e22d1a867586c6fef99d7baa9a5ec59b6
SHA256

d9156b9e4a4011c945b4b6cabcf3fcf0b75f9dba79eb056f196903ca5ea13810
SHA512

45608fbee81c3a5e176a01b8dd8106864cf24daeacf4e111368b2a613f73b858d357804e10ece6d7ffae678b8a6a296efdfb2e3b67fdf0b47719b719dd9bac82
SSDEEP

98304:81UvHxHrMrSo1FSlXjDwV5pic9BInx+vKPl51EQsS4Ex3HxHSb31n:RjySlXXuic9BIMq51sSbZtIn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a48cffb9d7a45517aa89a3400ec66210_NeikiAnalytics

Files

a48cffb9d7a45517aa89a3400ec66210_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

21d602d8a83ba841e6ae1a0a82ac32cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageTimeoutA
MessageBoxA
MessageBeep
DdeUninitialize
DdeNameService
DdeDisconnect
DdeGetData
DdeFreeDataHandle
DdeUnaccessData
DdeAccessData
DdeAbandonTransaction
DdeClientTransaction
DdeCreateDataHandle
DdeFreeStringHandle
DdeConnect
DdeCreateStringHandleA
DdeInitializeA
DdeQueryStringA
DestroyWindow
IsWindow
EnumWindows
CreateWindowExA
RegisterClassExA
SetWindowLongA
DefWindowProcA
PostMessageA
GetWindowLongA
DdeGetLastError
WaitForInputIdle
wsprintfA
CharLowerW
CharLowerA
RegisterClassA
UnregisterClassA
SendMessageA
GetSysColorBrush
DrawEdge
DrawFrameControl
SetCursor
LoadCursorFromFileA
ToAscii
VkKeyScanA
SetCapture
ReleaseCapture
SetCursorPos
GetKeyState
SetScrollInfo
SystemParametersInfoA
GetMenuCheckMarkDimensions
GetCapture
LoadBitmapA
GetSysColor
MapVirtualKeyA
CreateMenu
GetAsyncKeyState
TrackPopupMenu
GetCursorPos
GetMenuItemCount
RemoveMenu
GetSystemMenu
DestroyMenu
CreatePopupMenu
ScrollWindowEx
SetClipboardData
IsClipboardFormatAvailable
GetClipboardData
FillRect
SendInput
CreateCaret
SetCaretPos
BeginPaint
EndPaint
DestroyCaret
GetMessagePos
ScreenToClient
GetClipboardOwner
OpenClipboard
EmptyClipboard
CloseClipboard
GetKeyboardLayout
CallWindowProcA
SetWindowTextA
InsertMenuA
GetWindowTextA
CallWindowProcW
DefWindowProcW
RegisterClassW
CreateWindowExW
InsertMenuW
GetWindowTextW
SetForegroundWindow
IsWindowVisible
InvalidateRect
GetDC
ReleaseDC
WindowFromPoint
ClientToScreen
IsIconic
IsZoomed
AdjustWindowRectEx
GetSystemMetrics
MoveWindow
GetWindowRect
GetClientRect
DrawMenuBar
CreateIconFromResource
CreateIconIndirect
SetClassLongA
DestroyIcon
ShowWindow
GetFocus
GetForegroundWindow
GetDesktopWindow
GetWindowPlacement
GetWindow
SetParent
SetMenu
SetWindowPos
SetActiveWindow
SetFocus
LoadIconA
LoadCursorA
GetClassLongA
DrawFocusRect
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
wsprintfW
UpdateWindow
GetParent
SendMessageW
SetWindowLongW
GetWindowLongW
SetWindowTextW
EnableWindow
PeekMessageA
MsgWaitForMultipleObjectsEx
TranslateMessage
SetTimer
KillTimer
PostQuitMessage
GetMessageA
DispatchMessageA
MessageBoxW

advapi32

RegSetValueExW
GetSecurityDescriptorOwner
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegConnectRegistryA
RegCloseKey
GetUserNameW
GetUserNameA
GetSidIdentifierAuthority

ws2_32

ntohs
select
WSAGetLastError
closesocket
connect
ioctlsocket
listen
bind
socket
gethostbyname
inet_addr
htons
inet_ntoa
accept
recv
send
getsockname
gethostbyaddr
getpeername
getsockopt
WSAAsyncSelect
gethostname
setsockopt
getservbyname
WSAStartup

gdi32

GetTextMetricsA
GetTextFaceA
GetMapMode
SetMapMode
GetObjectA
DPtoLP
RectInRegion
SetRectRgn
CreateRectRgn
CombineRgn
GetRgnBox
CreateRectRgnIndirect
ExtTextOutA
ExtCreatePen
Arc
Chord
Pie
GetStockObject
Polygon
SetPolyFillMode
Polyline
CreatePatternBrush
CreateFontIndirectA
CreateCompatibleBitmap
CreatePen
Rectangle
SetROP2
CreateDIBitmap
SetBkColor
SetTextColor
SelectClipRgn
OffsetClipRgn
BitBlt
SetBkMode
DeleteDC
CreateCompatibleDC
SelectObject
GetBkMode
GetDIBits
CreateBitmap
CreateSolidBrush
TranslateCharsetInfo
GetDeviceCaps
SelectPalette
RealizePalette
CreateDIBSection
DeleteObject
CreateDCA
StretchDIBits
EnumFontFamiliesA
EnumFontFamiliesW
PatBlt
GetTextExtentPointA
GetCharWidthA
GetCharWidthW
GetTextFaceW
GetTextExtentPoint32A
TextOutA
GetTextExtentPoint32W
TextOutW
CreateFontIndirectW
GetTextCharset
GetFontData
GetPixel
UpdateColors
GetNearestColor
SetPaletteEntries
ResizePalette
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
SetBrushOrgEx
SetTextAlign

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

imm32

ImmGetContext
ImmGetCompositionStringW
ImmGetCompositionStringA
ImmReleaseContext
ImmSetCompositionWindow

comctl32

InitCommonControlsEx

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
SHGetDesktopFolder

kernel32

BuildCommDCBA
CopyFileA
CreateDirectoryA
CreateProcessA
DeleteFileA
FindFirstFileA
FindNextFileA
GetComputerNameA
GetCurrentDirectoryA
GetFileAttributesA
GetFullPathNameA
GetShortPathNameA
GetTempFileNameA
GetTempPathA
GetVolumeInformationA
LoadLibraryExA
lstrcpyA
MoveFileA
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetFileAttributesA
ReadConsoleA
WriteConsoleA
BuildCommDCBW
CopyFileW
CreateDirectoryW
CreateFileW
CreateProcessW
DeleteFileW
FindFirstFileW
FindNextFileW
GetComputerNameW
GetCurrentDirectoryW
DeleteCriticalSection
GetFullPathNameW
GetShortPathNameW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapFree
GetProcessHeap
HeapAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
GetTimeZoneInformation
WaitForSingleObjectEx
GetSystemTimeAsFileTime
SetLastError
VirtualProtect
VirtualFree
VirtualAlloc
WideCharToMultiByte
ExitThread
MapViewOfFile
CreateFileMappingA
FlushFileBuffers
UnmapViewOfFile
GetVersionExA
SetHandleInformation
DeviceIoControl
FindClose
GetTempFileNameW
GetTempPathW
GetVolumeInformationW
LoadLibraryExW
lstrcpyW
MoveFileW
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetFileAttributesW
ReadConsoleW
WriteConsoleW
LoadLibraryW
GetProcAddress
GetVersionExW
FreeLibrary
GetSystemInfo
GetACP
GetModuleFileNameW
GetModuleFileNameA
VirtualQuery
GetEnvironmentVariableA
lstrcmpiA
GetModuleHandleA
WaitForMultipleObjects
PeekNamedPipe
GetWindowsDirectoryA
GetPrivateProfileStringA
GetWindowsDirectoryW
lstrlenW
GetFileInformationByHandle
GetCurrentThread
SetFileTime
SetEndOfFile
GetCommState
GetConsoleMode
GetFileType
Sleep
GetLogicalDriveStringsA
PeekConsoleInputA
SetConsoleMode
GetConsoleCP
PurgeComm
ClearCommError
GetOverlappedResult
SetCommTimeouts
SetupComm
EscapeCommFunction
SetCommState
GetCommModemStatus
GetVersion
GetTickCount
MulDiv
GetLocaleInfoA
IsDBCSLeadByte
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
FindResourceA
TerminateProcess
GetStartupInfoA
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
RtlUnwind
HeapReAlloc
SetStdHandle
GetSystemTime
GetLocalTime
GetCPInfo
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
RaiseException
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetExitCodeProcess
ResetEvent
GetExitCodeThread
SetEvent
TerminateThread
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetEnvironmentVariableW
InitializeCriticalSection
GetCurrentProcessId
GetFileAttributesW
CreateThread
CreateEventA
SetThreadPriority
ReadFile
GetCurrentProcess
DuplicateHandle
CreateFileA
GetStdHandle
CreatePipe
WriteFile
CloseHandle
GetLastError
SetFilePointer
WaitForSingleObject
GlobalGetAtomNameA
GlobalAddAtomA
GlobalDeleteAtom
ExitProcess
MultiByteToWideChar
DebugBreak
LocalAlloc
FormatMessageA
LocalFree
FormatMessageW
OutputDebugStringA

Exports

Exports

TclKit_AppInit
TclKit_SetKitPath

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21d602d8a83ba841e6ae1a0a82ac32cb

Headers

File Characteristics

Imports

user32

advapi32

ws2_32

gdi32

comdlg32

imm32

comctl32

shell32

kernel32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 196KB - Virtual size: 212KB

.rsrc Size: 404KB - Virtual size: 402KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 196KB - Virtual size: 212KB

.rsrc
Size: 404KB - Virtual size: 402KB