b423f648b0292e65ad42ce12971f0a60_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b423f648b0292e65ad42ce12971f0a60_NeikiAnalytics.exe
Size

752KB
MD5

b423f648b0292e65ad42ce12971f0a60
SHA1

3b0c5d174c2397444c6f2f3ce64951f434fc9131
SHA256

5f727d09b79ff347085d4280e3e2aa8612e881f2a06099dbc5a158a849c56300
SHA512

342bb5cc80ce7e4deae5ea273c468670f76f8fd22ac8bfb80d63a8de5c417b0823c3be22b0e94a04fd6819c80a822e9b1c4af84b56b4cb9d953d9b4c15c35665
SSDEEP

12288:f4hHricw88EHFvOZeOp2bpTrzcCUOyfw+md:f4pTXHFvOV2eA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b423f648b0292e65ad42ce12971f0a60_NeikiAnalytics.exe

Files

b423f648b0292e65ad42ce12971f0a60_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

b5002c65ef3b2a39de1f09a33d816614

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
FileTimeToSystemTime
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
ExitThread
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
FindResourceExA
SizeofResource
GetProcessVersion
GetProfileStringA
InterlockedExchange
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetThreadLocale
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
lstrcpynA
MulDiv
SetLastError
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
FindResourceA
LoadResource
LockResource
GlobalFree
SuspendThread
SetThreadPriority
ResumeThread
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetModuleHandleA
GetSystemInfo
lstrcmpiA
GetOverlappedResult
FlushFileBuffers
SetFilePointerEx
FormatMessageA
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetTempFileNameA
GetFileAttributesExA
GetFileTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSize
SetFilePointer
GetTempPathA
ResetEvent
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcmpA
lstrcatA
lstrlenA
WriteFile
WaitForMultipleObjects
ReadFile
PeekNamedPipe
TerminateProcess
GetCurrentThreadId
SetEvent
CreatePipe
GetCurrentProcess
DuplicateHandle
CreateEventA
WaitForSingleObject
CreateProcessA
FindNextFileA
TerminateThread
CreateThread
GetDiskFreeSpaceExA
FindFirstFileA
FindClose
GetExitCodeThread
SetFileAttributesA
DeleteFileA
lstrcpyA
CreateFileA
DeviceIoControl
DefineDosDeviceA
GetDriveTypeA
GetVolumeInformationA
Sleep
CloseHandle
CreateMutexA
GetLastError
SetHandleCount
GetModuleFileNameA

user32

UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndDialog
IsWindow
DestroyWindow
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetCapture
SetActiveWindow
GetAsyncKeyState
SetFocus
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
MessageBoxA
LoadIconA
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
PostQuitMessage
wsprintfA
InvalidateRect
SetCursor
SetWindowLongA
LoadCursorA
PtInRect
ReleaseCapture
PostThreadMessageA
RegisterClipboardFormatA
CreateDialogIndirectParamA
RedrawWindow
SetCapture
KillTimer
SetTimer
GetParent
RegisterWindowMessageA
PostMessageA
GetWindowRect
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
InflateRect
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
MessageBeep
SetRect
GetSysColorBrush
GetClassNameA
GetDesktopWindow
WindowFromPoint
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringA
MoveWindow
SetWindowTextA
ShowWindow
IsDialogMessageA

gdi32

IntersectClipRect
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ScaleWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
EnumFontFamiliesExA
DPtoLP
GetTextColor
GetBkColor
LPtoDP
GetMapMode
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetObjectA
CreateFontIndirectA
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateFontA

comdlg32

GetFileTitleA
GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
ImageList_Destroy

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize
CoGetClassObject

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen

clrfat

libclrfat_get_file_runs
libclrfat_partition_copy

clrntfs

libclrntfs_partition_copy
libclrntfs_get_file_runs

clrpub

libclrpub_overlap_vector
libclrpub_find_from_image_run_vector
libclrpub_find_from_flat_run_vector
libclrpub_release_image_run_vector
libclrpub_xmalloc
libclrpub_run_flat_to_image
libclrpub_release_flat_run_vector
libclrpub_strdup
libclrpub_xfree
libclrpub_init_thread_gui_data
libclrpub_set_strings
libclrpub_destory_thread_gui_data
libclrpub_run_image_to_flat

zlib1

inflate
inflateReset

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 919KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5002c65ef3b2a39de1f09a33d816614

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

clrfat

clrntfs

clrpub

zlib1

version

Sections

.text Size: 300KB - Virtual size: 299KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 40KB - Virtual size: 919KB

.rsrc Size: 344KB - Virtual size: 343KB

.text
Size: 300KB - Virtual size: 299KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 40KB - Virtual size: 919KB

.rsrc
Size: 344KB - Virtual size: 343KB