3f081cbfc6b0ab6a615bf57c93b52200_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3f081cbfc6b0ab6a615bf57c93b52200_NeikiAnalytics.exe
Size

2.6MB
MD5

3f081cbfc6b0ab6a615bf57c93b52200
SHA1

4d703e44f3e3e46f8a88cc2b484474e2d54c65af
SHA256

996d3a282ea9b6db112be0c28dee823ed4de8abc12fcd5dd0485273a89c9ef04
SHA512

693112b37aaf68937f84f3cb06fbc7b1316bf2310e297adeda7aa9bc3a054affebf5cf9c346dadd1cd65af81a4b81b14010e1a22fdfa74bde8ae4ae001b33502
SSDEEP

49152:p8aCS0LJI0IxnCO5ST+k085smQjliYAzg/I7:Gaz0LJI7f5ST+k085sjjkYAz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f081cbfc6b0ab6a615bf57c93b52200_NeikiAnalytics.exe

Files

3f081cbfc6b0ab6a615bf57c93b52200_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

a16064e2866129b7ae7405b730a3daa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
WriteFile
GetLastError
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileA
CreateFileW
WideCharToMultiByte
GetVersionExA
CloseHandle
UnmapViewOfFile
LoadLibraryA
GetLocalTime
EnterCriticalSection
GetSystemInfo
GetVolumeInformationA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
GetModuleFileNameA
GetFileAttributesA
LeaveCriticalSection
GetDriveTypeA
MoveFileA
DeleteFileA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
InterlockedDecrement
GetTickCount
FindFirstFileA
FindNextFileA
FindClose
OutputDebugStringA
IsProcessorFeaturePresent
Sleep
InterlockedIncrement
RtlUnwind
InterlockedExchange
DebugBreak
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
SetEndOfFile
IsBadCodePtr
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCurrentProcessId
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
SetUnhandledExceptionFilter
SetStdHandle
LCMapStringW
LCMapStringA
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ReadFile
SetFilePointer
HeapReAlloc
GetSystemTimeAsFileTime
GetVersion
GetCommandLineA
GetStartupInfoA
IsBadReadPtr
RaiseException
GetSystemTime
GetTimeZoneInformation
GetModuleHandleA

user32

ClientToScreen
GetClientRect
MoveWindow
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
SystemParametersInfoA
GetAsyncKeyState
GetKeyState
ReleaseCapture
ClipCursor
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
UpdateWindow
PostMessageA
PostQuitMessage
ShowWindow
DefWindowProcA
mouse_event
DestroyWindow
wsprintfA
GetDC
SetCursor
SetTimer
SetCapture
KillTimer
MessageBoxA

gdi32

SetDIBitsToDevice
CreateDIBSection
DeleteObject
GetStockObject

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoInitializeEx

d3d9

Direct3DCreate9

dsound

ord1

dinput8

DirectInput8Create

binkw32

_BinkDoFrame@4
_BinkCheckCursor@20
_BinkCopyToBuffer@28
_BinkRestoreCursor@4
_BinkNextFrame@4
_BinkWait@4
_BinkDX9SurfaceType@4
_BinkOpen@8
_BinkClose@4
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkPause@8

mss32

_AIL_decompress_ADPCM@12
_AIL_open_stream@12
_AIL_set_stream_loop_count@8
_AIL_auto_service_stream@8
_AIL_start_stream@4
_AIL_set_stream_volume_levels@12
_AIL_stream_status@4
_AIL_pause_stream@8
_AIL_close_stream@4
_AIL_close_3D_listener@4
_AIL_release_3D_sample_handle@4
_AIL_close_3D_provider@4
_AIL_set_redist_directory@4
_AIL_startup@0
_AIL_open_digital_driver@16
_AIL_last_error@0
_AIL_shutdown@0
_AIL_enumerate_3D_providers@12
_AIL_open_3D_provider@4
_AIL_allocate_3D_sample_handle@4
_AIL_open_3D_listener@4
_AIL_set_3D_sample_effects_level@8
_AIL_set_3D_orientation@28
_AIL_WAV_info@8
_AIL_decompress_ASI@24
_AIL_file_type@8
_AIL_file_size@4
_AIL_file_read@8
_AIL_mem_free_lock@4
_AIL_set_3D_sample_volume@8
_AIL_set_3D_sample_distances@12
_AIL_end_3D_sample@4
_AIL_3D_sample_status@4
_AIL_set_3D_sample_loop_count@8
_AIL_start_3D_sample@4
_AIL_set_3D_sample_playback_rate@8
_AIL_set_3D_sample_file@8
_AIL_set_3D_position@16

granny2

_GrannySetControlEaseIn@8
_GrannySetControlEaseOut@8
_GrannySetControlEaseOutCurve@28
_GrannyCompleteControlAt@8
_GrannyPlayControlledAnimation@12
_GrannySetControlLoopCount@8
_GrannySetControlWeight@8
_GrannyEaseControlIn@12
_GrannyGetControlDurationLeft@4
_GrannySetControlSpeed@8
_GrannyGetMaterialTextureByType@8
_GrannyGetMeshIndexCount@4
_GrannyNewMeshBinding@12
_GrannyCopyMeshIndices@12
_GrannyMeshIsRigid@4
GrannyPNT332VertexType
_GrannyCopyMeshVertices@12
GrannyP3VertexType
_GrannyGetMeshVertexType@4
_GrannyNewMeshDeformer@12
_GrannyCopyTextureImage@32
_GrannyFreeWorldPose@4
_GrannyFreeModelInstance@4
_GrannyGetControlEaseCurveMultiplier@4
_GrannyFreeMeshBinding@4
_GrannyFreeFile@4
_GrannyGetFileInfo@4
_GrannyInstantiateModel@4
_GrannyNewWorldPose@4
_GrannyRecenterAllControlClocks@4
_GrannyVersionsMatch_@16
_GrannySetLogCallback@4
_GrannyInitializeDefaultCamera@4
_GrannySetCameraAspectRatios@24
_GrannyGetMeshTriangleGroupCount@4
_GrannyGetMeshTriangleGroups@4
_GrannySetModelClock@8
_GrannyGetSourceSkeleton@4
_GrannyFreeLocalPose@4
_GrannyNewLocalPose@4
_GrannySampleModelAnimations@16
_GrannyBuildWorldPose@24
_GrannyGetMeshVertexCount@4
_GrannyGetMeshVertices@4
_GrannyDeformVertices@24
_GrannyGetWorldPoseComposite4x4Array@4
_GrannyGetMeshBindingToBoneIndices@4
_GrannySetControlEaseInCurve@28
_GrannyFreeCompletedModelControls@4
_GrannyFreeControl@4
_GrannyControlIsComplete@4
_GrannyGetControlRawLocalClock@4
GrannyBGR888PixelFormat
GrannyBGR555PixelFormat
GrannyBGR565PixelFormat
GrannyBGRA5551PixelFormat
GrannyBGRA4444PixelFormat
GrannyBGRA8888PixelFormat
_GrannyGetWorldPose4x4@8
_GrannyFindBoneByName@12
_GrannyReadEntireFile@4
_GrannyGetWorldPose4x4Array@4
_GrannyFreeMeshDeformer@4

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeSetEvent
timeKillEvent
timeGetTime

wsock32

select
ntohl
sendto
closesocket
recvfrom
getsockname
bind
ntohs
shutdown
WSACleanup
recv
send
connect
htons
ioctlsocket
socket
WSAStartup
inet_addr
gethostbyname
gethostname
htonl
__WSAFDIsSet
setsockopt
WSAGetLastError

comctl32

ord17

advapi32

RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 588KB - Virtual size: 44.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a16064e2866129b7ae7405b730a3daa3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

d3d9

dsound

dinput8

binkw32

mss32

granny2

winmm

wsock32

comctl32

advapi32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 176KB - Virtual size: 175KB

.data Size: 588KB - Virtual size: 44.7MB

.tls Size: 4KB - Virtual size: 12B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 176KB - Virtual size: 175KB

.data
Size: 588KB - Virtual size: 44.7MB

.tls
Size: 4KB - Virtual size: 12B

.rsrc
Size: 4KB - Virtual size: 3KB