d16dbb3e401f63f95f711298fc57a860_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

d16dbb3e401f63f95f711298fc57a860_NeikiAnalytics.exe
Size

2.2MB
MD5

d16dbb3e401f63f95f711298fc57a860
SHA1

1c1553e5d0d5e8619bb51c5d5f0fb31bff59a3ac
SHA256

65f02017e9776582257c053c1c9797747e6ee13faec63311d4ce5bcd14f8bc2a
SHA512

ee19ca8bf28950578be480005cfcdb486323ecd0de7cc9b468148b69ab088be16aaef2b65a6b9c052c647cd45458a00e2d4415ed0bbac1c46f4397434043061d
SSDEEP

49152:nhaMf4/aoHfKJ4VGpk6xquB4NGy6Gel5+7a6lPGqhMFhd6xu:Mog6A7FbOqhQb6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d16dbb3e401f63f95f711298fc57a860_NeikiAnalytics.exe

Files

d16dbb3e401f63f95f711298fc57a860_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

44ff307fa817157378924e49a9543639

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\hp\Desktop\Projekte-SVN\vim\vim\src\vim.pdb

Imports

kernel32

GlobalUnlock
GetSystemInfo
SetConsoleTitleW
GetModuleHandleA
GetCurrentProcessId
LocalFree
GlobalSize
GlobalAlloc
GlobalFree
GetFullPathNameW
GetCommandLineW
GetComputerNameA
GetFullPathNameA
GetTempFileNameW
FillConsoleOutputCharacterA
SearchPathW
WriteConsoleOutputCharacterA
SetErrorMode
CreateProcessW
SetConsoleTextAttribute
GetNumberOfConsoleMouseButtons
GetCurrentProcess
ReadConsoleOutputAttribute
WaitForSingleObject
SetConsoleScreenBufferSize
GetComputerNameW
BackupSeek
ReadConsoleOutputA
WriteFile
GetConsoleMode
ReadConsoleInputA
WriteConsoleOutputA
GetFileAttributesA
SetConsoleMode
SetConsoleCursorPosition
GetFileAttributesW
SetConsoleTitleA
GetLargestConsoleWindowSize
SetCurrentDirectoryA
GetStdHandle
GetCurrentDirectoryW
BackupRead
MoveFileW
SearchPathA
SetFileAttributesA
LoadLibraryA
GetConsoleScreenBufferInfo
GetFileType
MoveFileA
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetConsoleWindowInfo
GetModuleFileNameA
SetConsoleCursorInfo
GetConsoleTitleW
FillConsoleOutputAttribute
GetCurrentDirectoryA
GetConsoleCursorInfo
PeekConsoleInputA
WriteConsoleOutputAttribute
ScrollConsoleScreenBufferA
GetVersionExA
CloseHandle
DeleteFileW
GetFileInformationByHandle
SetFileAttributesW
TerminateProcess
GetStartupInfoA
CreatePipe
CreateFileW
MulDiv
Sleep
FormatMessageA
GetConsoleTitleA
IsBadReadPtr
GetTickCount
GlobalLock
RaiseException
WriteConsoleW
RtlUnwind
VirtualQuery
CreateFileA
GetConsoleCP
GetLocaleInfoA
FindNextFileW
FindNextFileA
FindClose
FindFirstFileA
FindFirstFileW
IsValidCodePage
GetProcAddress
IsDBCSLeadByteEx
GetLastError
GetACP
FreeLibrary
GetCPInfo
DeleteFileA
GetTempPathA
GetTempFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetShortPathNameA
QueryPerformanceFrequency
QueryPerformanceCounter
CreateProcessA
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
GetProcessHeap
SetEndOfFile
HeapSize
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoW
GetUserDefaultLCID
FlushFileBuffers
LCMapStringW
GetTimeZoneInformation
GetModuleFileNameW
HeapDestroy
HeapCreate
FatalAppExitA
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetOEMCP
DeleteCriticalSection
GetStartupInfoW
SetHandleCount
IsProcessorFeaturePresent
SetEnvironmentVariableA
InterlockedExchange
DuplicateHandle
SetFilePointer
ReadFile
HeapSetInformation
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
CreateDirectoryA
CreateDirectoryW
FindFirstFileExA
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
SetStdHandle
SetEnvironmentVariableW
EncodePointer
FindFirstFileExW
GetDriveTypeW
VirtualAlloc
VirtualProtect
PeekNamedPipe
FileTimeToLocalFileTime
FileTimeToSystemTime
DecodePointer
ExitProcess
HeapFree
HeapAlloc
GetTimeFormatA
GetDateFormatA
HeapReAlloc
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetExitCodeProcess

advapi32

OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
GetUserNameW
GetAclInformation
LookupPrivilegeValueA
GetAce

shell32

CommandLineToArgvW
ExtractIconA

gdi32

CreateDCA
SetAbortProc
SetBkMode
DeleteObject
SelectObject
SetBkColor
EnumFontFamiliesA
GetNearestColor
GetTextMetricsA
SetTextAlign
TextOutW
EndDoc
TextOutA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
SetTextColor
StartPage
GetTextExtentPoint32W
EndPage
StartDocA

comdlg32

CommDlgExtendedError
PrintDlgA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

user32

IsDialogMessageA
PeekMessageA
DispatchMessageA
GetSystemMetrics
LoadKeyboardLayoutA
CloseClipboard
IsClipboardFormatAvailable
RegisterClipboardFormatA
GetClipboardData
EmptyClipboard
OpenClipboard
SetClipboardData
DestroyWindow
GetClassNameA
GetSystemMenu
GetWindowRect
CreateDialogParamA
SendDlgItemMessageA
GetWindowDC
MsgWaitForMultipleObjects
SetForegroundWindow
GetParent
wsprintfA
SendMessageA
MessageBeep
TranslateMessage
SetDlgItemInt
OffsetRect
GetWindowTextA
CharUpperBuffA
BringWindowToTop
CreateWindowExA
ReleaseDC
EnableMenuItem
DefWindowProcA
CharLowerBuffA
GetDesktopWindow
SetWindowPos
IsWindow
SystemParametersInfoA
SetWindowTextA
LoadImageA
SetDlgItemTextW
EnableWindow
FindWindowA
GetDlgItemTextA
SetDlgItemTextA
CopyRect
RegisterClassA
MapVirtualKeyA
ToAscii
GetMessageA
EnumWindows

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 227KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44ff307fa817157378924e49a9543639

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

gdi32

comdlg32

ole32

user32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 227KB - Virtual size: 276KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 139KB - Virtual size: 139KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 227KB - Virtual size: 276KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 139KB - Virtual size: 139KB