b3e75ee73bf25d699f4ba2fbe216ae50_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

b3e75ee73bf25d699f4ba2fbe216ae50_NeikiAnalytics
Size

212KB
MD5

b3e75ee73bf25d699f4ba2fbe216ae50
SHA1

c7e4d1deb8670a7a480a9037b381486d2580e84b
SHA256

61f6669704295a23cfddff31102fe49e64dc80a71fe1ac21f3ed2b5b4e4b6fab
SHA512

d31d10d6c64273aeee66b18c1356c1e4997b2a333c881e8413eb4f3db347fdcb1b3ef7f9185e4e978c1bc1c87704679d3cd57d401072ae9a9d629b8fefd1dedc
SSDEEP

3072:ensmoMFyNTYTSt+KsfL0a8wlEfJhmrcnUd8DfxwMHuWBNVeJrv3FtDI:eSMFw60a8wlEfwcUd8zBNVMrv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3e75ee73bf25d699f4ba2fbe216ae50_NeikiAnalytics

Files

b3e75ee73bf25d699f4ba2fbe216ae50_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

264d5b8021e6c084012c906e3b0d5903

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
CreateMutexA
GetProcAddress
GetVersionExA
GetModuleHandleA
GetThreadPriority
GetCurrentThread
CloseHandle
GetTickCount
IsBadReadPtr
GetProcessVersion
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpiA
ExpandEnvironmentStringsA
WriteProfileStringA
GetProfileStringA
OutputDebugStringA
Sleep
GetSystemDirectoryA
GetACP
WriteFile
GetTempPathA
ReadFile
SetPriorityClass
CreateFileA
lstrcmpA
GlobalGetAtomNameA
lstrcatA
GetModuleFileNameW
lstrlenA
lstrcpyA
OpenMutexA
GetLastError
ReleaseMutex
GetModuleFileNameA
SetThreadPriority
FreeLibrary
IsBadCodePtr
VirtualLock
VirtualUnlock
VirtualFree
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleW
VirtualAlloc
SetEvent
WaitForSingleObject
CreateEventA
CreateThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersion
GetCurrentProcess
OpenProcess

user32

GetWindowLongW
SystemParametersInfoA
SetRect
InflateRect
MessageBoxA
ShowCursor
GetIconInfo
BeginPaint
GetWindowTextA
EndPaint
DefWindowProcA
GetPropA
wsprintfA
RegisterClassA
CreateWindowExA
SetCursorPos
GetMessageExtraInfo
EnumChildWindows
SetWindowLongA
PostMessageA
CallNextHookEx
IsWindow
GetFocus
HideCaret
ShowCaret
GetCaretPos
ClientToScreen
PtInRect
GetClientRect
LoadBitmapA
SetThreadDesktop
GetThreadDesktop
OpenInputDesktop
CloseDesktop
EqualRect
GetForegroundWindow
CallWindowProcA
SendMessageA
CopyRect
IntersectRect
IsRectEmpty
GetDC
PeekMessageA
GetWindow
EnumWindows
GetWindowRect
GetWindowRgn
GetWindowDC
ReleaseDC
WindowFromDC
GetWindowLongA
LoadStringA
GetClassNameA
GetCursor
GetSystemMetrics
GetCursorPos
UnhookWindowsHookEx
DestroyWindow
RegisterWindowMessageA
SendMessageTimeoutA
RedrawWindow
GetWindowThreadProcessId
FindWindowA
GetDesktopWindow
GetParent
SetWindowsHookExA
KillTimer
SetTimer
GetLastActivePopup
IsIconic
ShowWindow
IsWindowVisible
DrawTextA

gdi32

GetWindowOrgEx
SetWindowOrgEx
GetViewportOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetBrushOrgEx
GetObjectType
CreateDCA
SelectObject
BitBlt
CreatePalette
SelectPalette
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
DeleteDC
EqualRgn
CombineRgn
CreateRectRgnIndirect
OffsetRgn
CreateRectRgn
DeleteObject
GetRegionData
GetCurrentObject
GetRgnBox
RestoreDC
SaveDC
SetStretchBltMode
GetStretchBltMode
SetMapMode
GetBoundsRect
SetDIBits
IntersectClipRect
GetROP2
GetBkMode
GetCurrentPositionEx
GetArcDirection
GetDCOrgEx
GetNearestColor
GetPaletteEntries
GetBitmapBits
DescribePixelFormat
GetPixelFormat
PatBlt
GetTextExtentPoint32A
SetBkMode
Rectangle
CreateSolidBrush
PtInRegion
GetPolyFillMode
GetPath
CreateDIBSection
FillRgn
GetGraphicsMode
GetTextMetricsA
GetTextMetricsW
GetTextCharacterExtra
GetTextAlign
GetTextExtentPoint32W
CreateFontIndirectA
SetBkColor
GetBkColor
SetTextColor
GetTextColor
CreateBitmap
RealizePalette
GetSystemPaletteEntries
GetStockObject
SelectClipRgn
GetObjectA
RectInRegion
DPtoLP
LPtoDP
GetViewportExtEx
GetWindowExtEx
GetMapMode
SetBoundsRect

advapi32

StartServiceA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegFlushKey
RegSetValueExA
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceA
RegCreateKeyA
RegOpenKeyA
RegCloseKey
RegEnumValueA

msvcrt

_wcsupr
_wcsicmp
_strcmpi
_adjust_fdiv
_initterm
_onexit
__dllonexit
_strnicmp
wcscpy
wcslen
wcsstr
_splitpath
_makepath
free
_purecall
malloc
??3@YAXPAX@Z
memmove

Exports

Exports

AppsEnterSpecialWinMode
AppsEscape
AppsFreeDLL
AppsGetSharingAppCount
AppsIsShared
AppsRecordHostedWindow
AppsRetrieveData
AppsSessionEnd
AppsSessionStart
AppsSetCollaborate
AppsTellDeviceCaps

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

264d5b8021e6c084012c906e3b0d5903

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.sdata Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 124KB - Virtual size: 121KB

.sdata
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 12KB - Virtual size: 9KB