91417166d91cbf75b2ede7ee76d12d50_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

91417166d91cbf75b2ede7ee76d12d50_NeikiAnalytics.exe
Size

3.4MB
MD5

91417166d91cbf75b2ede7ee76d12d50
SHA1

077928a6d63a84f8aa810c3a429726819e83a967
SHA256

340a454488b0d1ae1afdbf75d70375c645656f42a59719e9ed0a5402e4a03208
SHA512

cd7a6800c03f84a01e889a70f7fb9890f57ae07fcb27efb70ed7474d2bd6053261239645c8ef7d7818669e153619a2b413b0d52691de4ae2b79f3b90024dfaab
SSDEEP

49152:bNZvvvaJsvo4F8ceqdfHZZZZZwHLxe/b/7LmWKWs9Li5de6QUkpz:r/yuZZZZZwrxe/b/7aWKWs925de6AV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91417166d91cbf75b2ede7ee76d12d50_NeikiAnalytics.exe

Files

91417166d91cbf75b2ede7ee76d12d50_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

61a54a36bd09d783fc728bf720daec5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutSetVolume
mciSendStringW
timeGetTime

mpr

WNetAddConnection2W
WNetGetConnectionW
WNetUseConnectionW
WNetCancelConnection2W

comctl32

ImageList_BeginDrag
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
InitCommonControlsEx
ImageList_Create

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcessHeap
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetTempFileNameW
SetSystemPowerState
GetTempPathW
GetTimeFormatA
GetTimeZoneInformation
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidCodePage
LCMapStringA
LCMapStringW
GetEnvironmentVariableW
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LockResource
lstrcmpiW
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
RemoveDirectoryW
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
SetVolumeLabelW
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileSectionW
WritePrivateProfileStringW
WriteProcessMemory
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryW
GetCPInfo
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetComputerNameW
GetCommandLineW
GetACP
FreeLibrary
FreeEnvironmentStringsW
FormatMessageW
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitThread
ExitProcess
RtlUnwind
EnumResourceNamesW
DuplicateHandle
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
CreateProcessW
CreatePipe
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CloseHandle
Beep
GetSystemTimeAsFileTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetModuleHandleW
GetProcAddress
VirtualFree
VirtualAlloc
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentProcess
GetVersion
LoadLibraryExW

user32

IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
keybd_event
KillTimer
LoadCursorW
LoadIconW
LoadImageW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MessageBeep
MessageBoxA
MessageBoxW
mouse_event
MoveWindow
OpenClipboard
OpenDesktopW
OpenWindowStationW
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassExW
RegisterHotKey
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetProcessWindowStation
SetRect
SetTimer
SetUserObjectSecurity
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UnregisterHotKey
VkKeyScanW
WindowFromPoint
wsprintfW
IsCharAlphaNumericW
GetSubMenu
GetProcessWindowStation
GetParent
GetMessageW
GetMenuStringW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetKeyState
GetKeyboardState
GetKeyboardLayoutNameW
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetCaretPos
GetAsyncKeyState
GetActiveWindow
FrameRect
FlashWindow
FindWindowW
FindWindowExW
FillRect
ExitWindowsEx
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EndDialog
EnableWindow
EmptyClipboard
DrawTextW
DrawMenuBar
DrawFrameControl
DrawFocusRect
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyAcceleratorTable
DeleteMenu
DefWindowProcW
DefDlgProcW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateIconFromResourceEx
CreateAcceleratorTableW
CountClipboardFormats
CopyRect
CopyImage
CloseWindowStation
CloseDesktop
CloseClipboard
ClientToScreen
CheckMenuRadioItem
CharUpperBuffW
CharNextW
CharLowerBuffW
BeginPaint
AttachThreadInput
AdjustWindowRectEx
InvalidateRect
InsertMenuItemW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
GetWindowRect
GetWindowDC
GetUserObjectSecurity
GetSystemMetrics
GetSysColor
GetSysColorBrush
DispatchMessageW

gdi32

MoveToEx
LineTo
GetTextFaceW
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetDIBits
GetDeviceCaps
ExtCreatePen
EndPath
StrokePath
StrokeAndFillPath
StretchBlt
SetViewportOrgEx
SetTextColor
PolyDraw
SetBkMode
SetBkColor
SelectObject
RoundRect
GetPixel
Rectangle
Ellipse
DeleteDC
CreateSolidBrush
CreateFontW
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CloseFigure
SetPixel
AngleArc
BeginPath

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey
OpenThreadToken
OpenSCManagerW
OpenProcessToken
LookupPrivilegeValueW
LogonUserW
LockServiceDatabase
InitializeSecurityDescriptor
InitializeAcl
GetUserNameW
GetTokenInformation
GetSecurityDescriptorDacl
GetLengthSid
GetAclInformation
GetAce
DuplicateTokenEx
CreateProcessAsUserW
CopySid
CloseServiceHandle
AdjustTokenPrivileges
AddAce
UnlockServiceDatabase

shell32

ShellExecuteExW
Shell_NotifyIconW
ExtractIconExW
DragQueryPoint
DragQueryFileW
DragFinish
ShellExecuteW

ole32

CoTaskMemFree
CoTaskMemAlloc
StringFromIID
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
StringFromCLSID
OleSetMenuDescriptor
OleSetContainedObject
OleInitialize
MkParseDisplayName
IIDFromString
CreateStreamOnHGlobal
CreateBindCtx
CoInitialize
CoUninitialize

Sections

.text
Size: 760KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cab5
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61a54a36bd09d783fc728bf720daec5c

Headers

File Characteristics

Imports

winmm

mpr

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 760KB - Virtual size: 756KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.cab5 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 760KB - Virtual size: 756KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.cab5
Size: 1.2MB - Virtual size: 1.2MB