e074da5c0b5c5f8c44d53b880badaea0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

e074da5c0b5c5f8c44d53b880badaea0_NeikiAnalytics
Size

156KB
MD5

e074da5c0b5c5f8c44d53b880badaea0
SHA1

1f56d740b83945d0023422043f80d6e80dc171a6
SHA256

3191a0a7f30543908f67c9b20308f9003ea8e0ee082188bf8222cbb1e48a5cd5
SHA512

7bb9718324a4bfa9785974afe5da3cef95cc3b699a711aff604e40e51533af572135eb3d9637aa02acc974718df4271fa6cb73754df545525d91c657216329e3
SSDEEP

1536:BRwQFruEfIbB8t2hii+6/p9L5mJpCdxtGyqCMN0DgC:BJru8Iq2aEp/m+HtGyq/N0DgC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e074da5c0b5c5f8c44d53b880badaea0_NeikiAnalytics

Files

e074da5c0b5c5f8c44d53b880badaea0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f1071ac6a618c4d1e859dbc334b89d6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoW
InternetOpenW
InternetOpenUrlW
InternetCanonicalizeUrlW
InternetCrackUrlA
InternetReadFile
InternetCanonicalizeUrlA

ole32

CoInitialize
CoCreateInstance

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation

ws2_32

gethostbyname
WSAStartup
WSACleanup

shlwapi

PathGetCharTypeW

kernel32

GetSystemDefaultLangID
RtlUnwind
ReadFile
GetFileSize
CreateFileMappingA
MapViewOfFile
RtlMoveMemory
lstrlenA
GetLastError
InitializeCriticalSection
CreateEventA
CloseHandle
lstrcmpA
lstrcpynA
LockResource
LoadResource
ExitProcess
lstrcpyA
MulDiv
Sleep
CreateThread
ResetEvent
SetEvent
GetTickCount
TerminateThread
ExitThread
lstrcatA
WaitForSingleObject
CreateProcessA
FlushFileBuffers
WriteFile
SetFilePointer
GetVersionExA
GetModuleFileNameA
GetDiskFreeSpaceExA
CreateDirectoryA
CreateFileA
SystemTimeToFileTime
GetSystemTime
CreateMutexA
MoveFileA
DeleteFileA
OutputDebugStringA
CopyFileA
GetWindowsDirectoryA
VirtualQuery
SizeofResource
FreeLibrary
LoadLibraryA
CompareStringA
InterlockedExchange
GetModuleHandleA
GetSystemDirectoryA
SetLastError
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetStartupInfoA
GetCommandLineA
UnmapViewOfFile
VirtualProtect
RtlZeroMemory

user32

ShowWindow
GetDlgItem
SetFocus
GetDC
SendMessageA
IsWindowVisible
EnableMenuItem
GetSystemMenu
InvalidateRect
SetWindowPos
SetForegroundWindow
CreateDialogParamA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetDlgItemTextA
GetDlgItemTextA
GetWindowTextA
CharLowerA

gdi32

GetDeviceCaps
CreateFontIndirectA

advapi32

RegFlushKey
CloseServiceHandle
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
OpenSCManagerW
RegSetValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1071ac6a618c4d1e859dbc334b89d6b

Headers

File Characteristics

Imports

wininet

ole32

shell32

ws2_32

shlwapi

kernel32

user32

gdi32

advapi32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 36KB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 36KB

.rsrc
Size: 80KB - Virtual size: 76KB