Static task
static1
Behavioral task
behavioral1
Sample
9e0a759a88a87752d662091e932eade0_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
9e0a759a88a87752d662091e932eade0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
Target: 9e0a759a88a87752d662091e932eade0_NeikiAnalytics
Size: 320KB
MD5: 9e0a759a88a87752d662091e932eade0
SHA1: 4cbb5ec557439959a6c882be0cf8ec93d5613bd6
SHA256: a2160c2ce1b6261c767fcd63b4908f42dbcf4f32d095807c417798ea4e77fd5a
SHA512: 8598026f75532e1a02b354b2eb070cc82505ebc023ae28a0d9d27a18533da23e007b37306598378bbfc758d756b2056aba8b7edd152ed83768c069edf12946a2
SSDEEP: 6144:3fXVMieVI1v5y0YoHpQ0qwK7eIkoyBlBd74lmWEgcQNYgL+vxr9hliSWPSinQ7di:aVI1v5yOHpQ0qwK7eIkoyBlBd74lmWE+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9e0a759a88a87752d662091e932eade0_NeikiAnalytics
Files
9e0a759a88a87752d662091e932eade0_NeikiAnalytics.exe windows:4 windows x86 arch:x86
dd699122434501b5afeae872d58c1100
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
lstrcatA
FreeLibrary
LoadLibraryA
Sleep
GetModuleHandleA
GetStartupInfoA
ReadFile
GetExitCodeProcess
CreateProcessA
GetTempFileNameA
GlobalDeleteAtom
GetVersion
GetVersionExA
GlobalAddAtomA
lstrcpynA
lstrcpyA
lstrcmpA
GlobalFree
GetTempPathA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemTime
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
SetErrorMode
_lopen
_lclose
GlobalAlloc
GlobalLock
GlobalUnlock
GetCommandLineA
GetTickCount
RemoveDirectoryA
WinExec
GetModuleFileNameA
GetProcAddress
user32
GetWindow
OemToCharA
GetAsyncKeyState
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
ScreenToClient
GetCursorPos
GetKeyState
GetWindowRect
SetCursorPos
IsWindowVisible
LockWindowUpdate
SendMessageA
GetWindowLongA
AdjustWindowRectEx
SetWindowPos
GetClientRect
SetWindowTextA
IsDialogMessageA
KillTimer
SetTimer
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
wsprintfA
PostMessageA
GetClassNameA
EnableMenuItem
GetMenu
CopyRect
DestroyIcon
GetMenuState
DeleteMenu
GetSubMenu
GetDC
CreateIconIndirect
ReleaseDC
LoadIconA
LoadImageA
RegisterClassExA
RegisterClassA
GetSystemMetrics
CreateWindowExA
ShowWindow
IsWindow
UpdateWindow
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
MsgWaitForMultipleObjects
PeekMessageA
GetMessageA
TranslateMDISysAccel
DispatchMessageA
TranslateMessage
InvertRect
CheckMenuItem
SetRect
GetTopWindow
DialogBoxParamA
MessageBoxA
LoadStringA
EnumThreadWindows
SetForegroundWindow
WinHelpA
InvalidateRect
MapWindowPoints
SetWindowLongA
RedrawWindow
GetDesktopWindow
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetParent
SetScrollPos
SetScrollRange
UnionRect
GetPropA
SetPropA
CallWindowProcA
RemovePropA
GetFocus
IsZoomed
GetWindowPlacement
SetWindowPlacement
GetMenuItemCount
LoadMenuIndirectA
DestroyMenu
DrawMenuBar
EndDialog
SendDlgItemMessageA
GetDlgItemTextA
GetInputState
MapVirtualKeyA
GetDlgItem
PtInRect
ClientToScreen
SetDlgItemTextA
ModifyMenuA
GetMenuStringA
GetMenuItemID
GetTabbedTextExtentA
DrawTextA
DrawEdge
FillRect
SystemParametersInfoA
GetSysColor
GetUpdateRect
IsIconic
PostQuitMessage
IntersectRect
DrawFocusRect
gdi32
RealizePalette
GetDeviceCaps
DeleteObject
SetDIBits
CreateCompatibleBitmap
CreateBitmap
CreatePalette
CreateFontIndirectA
GetObjectA
LineTo
MoveToEx
SelectObject
Rectangle
CreatePen
GetStockObject
SetBkMode
SetTextColor
CreateSolidBrush
GetTextExtentPointA
GetCharWidthA
GetTextMetricsA
SetROP2
SetBkColor
GetNearestPaletteIndex
SetTextAlign
DPtoLP
CreateHatchBrush
Polygon
SetPolyFillMode
TextOutA
SelectClipRgn
CreateRectRgn
LPtoDP
SelectPalette
advapi32
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
shell32
DragQueryFileA
DragAcceptFiles
ShellExecuteA
mmfs2
comctl32
ord17
winmm
timeBeginPeriod
joyGetPosEx
joyGetDevCapsA
timeGetTime
timeEndPeriod
msvcrt
_strlwr
free
_ftol
strstr
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_strupr
isalnum
isalpha
isdigit
tolower
isspace
_findfirst
_findnext
_findclose
_rmdir
_splitpath
_chdrive
_chdir
strrchr
strchr
_msize
_heapmin
remove
_CIacos
_CIasin
floor
ceil
atof
modf
toupper
strncpy
_stricmp
_CIfmod
_CIpow
_ltoa
sprintf
realloc
calloc
memmove
_strnicmp
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
malloc
Sections
.text Size: 256KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ