934c4eac50cb896da1364a9eb4140200_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

934c4eac50cb896da1364a9eb4140200_NeikiAnalytics.exe
Size

4.1MB
MD5

934c4eac50cb896da1364a9eb4140200
SHA1

862ace1e720b424bbd87e1d2b8d3e3cf4c168944
SHA256

9ca461338da69d788f1d6ffaedf12d441a7547608f5abf4da0b7e6767e113ad3
SHA512

f981e30c2affcb2ac7de16bbf8549471fc8d2c5501edee6e7dd70d58256057bba2a863678238e71bdbbeefec9721a24e51a4b3b14a5a6d104dbbfc91b87511f2
SSDEEP

49152:uMCWbsEOJahQZ8jOBXeXaYfQjUJGzqZwkHXVPD3Hwd4eB6qD0uhAU/wyW+tQ4TF:uMdbLiKjOBXetfYz7qsBX01U/oNur

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
934c4eac50cb896da1364a9eb4140200_NeikiAnalytics.exe

Files

934c4eac50cb896da1364a9eb4140200_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

a794785d83f75a2981d9fc946ee4c05a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord11

iphlpapi

GetAdaptersInfo

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

wininet

InternetSetOptionW
HttpSendRequestW
HttpAddRequestHeadersW
InternetOpenUrlW
InternetQueryDataAvailable
InternetReadFile
InternetOpenW
InternetCrackUrlW
InternetConnectW
InternetCloseHandle
InternetQueryOptionW
HttpOpenRequestW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

SetEnvironmentVariableA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryW
GetShortPathNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
CloseHandle
GetLastError
CreateMutexW
SetLastError
GetSystemDirectoryW
TerminateProcess
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesW
GetExitCodeThread
SetThreadPriority
CreateThread
InterlockedExchange
WaitForSingleObject
ReleaseMutex
CreateMutexA
GetModuleFileNameA
FormatMessageA
LoadLibraryA
SwitchToFiber
CreateFiber
DeleteFiber
ConvertThreadToFiber
ExitThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetVersionExW
DeleteCriticalSection
GetCommandLineW
SetThreadExecutionState
FindFirstFileW
FindClose
GetFullPathNameW
FindNextFileW
CreateDirectoryW
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
lstrlenW
GetVersionExA
ExpandEnvironmentStringsW
GetTickCount
InitializeCriticalSection
CreateEventW
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapAlloc
HeapCreate
HeapFree
CreateSemaphoreW
ReleaseSemaphore
LocalFree
FormatMessageW
MapViewOfFile
CreateFileMappingA
FlushFileBuffers
UnmapViewOfFile
CreateFileMappingW
CreateFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
HeapReAlloc
GetDriveTypeA
GetFullPathNameA
ExitProcess
DeleteFileA
CreateDirectoryA
GetFileAttributesA
DeleteFileW
SetStdHandle
GetFileType
GetCurrentThreadId
HeapSize
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
VirtualFree
GetCurrentProcessId
GetModuleHandleA
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointer
ReadFile
CompareStringA
CompareStringW
CreateFileA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

user32

EnumDisplaySettingsW
GetCapture
RegisterClassW
SystemParametersInfoA
GetCursorPos
SetCursorPos
SetCursor
LoadCursorA
MessageBoxA
SendMessageW
GetParent
PostMessageW
TrackMouseEvent
SetClassLongW
ClientToScreen
GetSystemMetrics
ShowWindow
PostQuitMessage
SetForegroundWindow
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
RedrawWindow
LoadCursorW
SetTimer
LoadIconW
MonitorFromPoint
EnumChildWindows
DestroyWindow
GetKeyState
FindWindowW
ReleaseCapture
SetCapture
SetFocus
SetMenuItemInfoW
GetSystemMenu
DefWindowProcW
IsWindow
CallWindowProcW
GetWindowRect
MoveWindow
GetClientRect
SetWindowLongW
GetWindowLongW
GetWindow
CreateWindowExW
PeekMessageW
GetWindowInfo
ReleaseDC
GetDC
GetIconInfo
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
SystemParametersInfoW
MessageBoxW
ClipCursor
GetClassLongW
IsWindowVisible
IsZoomed
AdjustWindowRect
IsIconic
SetWindowPos
SetWindowPlacement
GetMenu
GetWindowPlacement
SetMenu
UnregisterClassW
DestroyMenu
AdjustWindowRectEx
ScreenToClient
SetRect
DestroyAcceleratorTable
DispatchMessageW
TranslateMessage
TranslateAcceleratorW

gdi32

GetDIBits
DeleteObject
GetStockObject
GetObjectW
CreateCompatibleDC
SelectObject
DeleteDC

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW
ExtractIconW
ShellExecuteA

ole32

CoCreateGuid
CoInitialize

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 839KB - Virtual size: 839KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a794785d83f75a2981d9fc946ee4c05a

Headers

DLL Characteristics

File Characteristics

Imports

dsound

iphlpapi

winmm

wininet

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 839KB - Virtual size: 839KB

.data Size: 149KB - Virtual size: 194KB

.rsrc Size: 86KB - Virtual size: 85KB

.reloc Size: 188KB - Virtual size: 188KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 839KB - Virtual size: 839KB

.data
Size: 149KB - Virtual size: 194KB

.rsrc
Size: 86KB - Virtual size: 85KB

.reloc
Size: 188KB - Virtual size: 188KB