Static task: static1
Behavioral task: behavioral1
Sample: 3504566dce6fea8b8aea6f979e1f38ad157a7adf41d7d42a7fb62fac15b3226d_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 3504566dce6fea8b8aea6f979e1f38ad157a7adf41d7d42a7fb62fac15b3226d_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
General
Target: 3504566dce6fea8b8aea6f979e1f38ad157a7adf41d7d42a7fb62fac15b3226d_NeikiAnalytics
Size: 9.0MB
MD5: b2ef8c05ae9426b13a3b03fbba9dddf0
SHA1: f773c0eca66dd45afc4a2d0e6f25aaecdecaf4fd
SHA256: 3504566dce6fea8b8aea6f979e1f38ad157a7adf41d7d42a7fb62fac15b3226d
SHA512: 54f1251761e0d037eb24904fefc3850444de4135ed08886baf2e78f255feffb70cc6d46c9861bb6c142908dc113192925de4ad2737b9e36059c6ed01562d5d6a
SSDEEP: 98304:Ec1nAZdaTTL5crLmdX6EswAh01ZT6ahMRy0/JWPs1i7ohuHkNanXT5foVSU4:7nxTNFdXtfCRy0/JWPs1i7ohuHkNafm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3504566dce6fea8b8aea6f979e1f38ad157a7adf41d7d42a7fb62fac15b3226d_NeikiAnalytics
Files
3504566dce6fea8b8aea6f979e1f38ad157a7adf41d7d42a7fb62fac15b3226d_NeikiAnalytics.exe windows:4 windows x86 arch:x86
556e947894ec30f83cd1d2412f06951c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LCMapStringA
IsValidCodePage
GetACP
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
HeapCreate
GetProfileStringA
HeapDestroy
VirtualFree
HeapSize
ExitThread
GetSystemTimeAsFileTime
ExitProcess
GetStartupInfoA
RaiseException
VirtualAlloc
HeapReAlloc
RtlUnwind
FindResourceExA
GetFileTime
GetOEMCP
GetCPInfo
GetShortPathNameA
GetFullPathNameA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GlobalFlags
WritePrivateProfileStringA
TlsFree
GlobalHandle
GlobalReAlloc
GetThreadLocale
VirtualProtect
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalAddAtomA
ResumeThread
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetModuleFileNameW
CreateEventA
CreateNamedPipeA
HeapFree
GetDriveTypeA
FormatMessageA
GetProcessHeap
HeapAlloc
InterlockedIncrement
SetEvent
MulDiv
lstrcpyA
SetFileTime
GetTempFileNameA
MoveFileA
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
FlushFileBuffers
SetFilePointer
CreateThread
SetThreadPriority
GetExitCodeThread
GetTickCount
InterlockedDecrement
FileTimeToLocalFileTime
GetTimeZoneInformation
GetLocaleInfoA
GetCurrentThreadId
CreateProcessA
WinExec
GetVolumeInformationA
GlobalSize
GlobalAlloc
GlobalUnlock
SetLastError
GlobalFree
GetDiskFreeSpaceA
GlobalMemoryStatus
GetSystemInfo
GetTempPathA
GetLongPathNameA
GetVersionExA
FindResourceA
LoadResource
LockResource
SizeofResource
GetWindowsDirectoryA
CreateMutexA
GetCommandLineA
LocalReAlloc
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
OpenSemaphoreA
Sleep
SearchPathA
FileTimeToSystemTime
TlsAlloc
TlsGetValue
TlsSetValue
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
GetFileSize
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetCurrentProcessId
FindNextFileA
FindClose
GetModuleFileNameA
FindFirstFileA
ReadFile
SystemTimeToFileTime
GetSystemTime
GetCurrentProcess
GetProcAddress
SetErrorMode
WriteFile
LocalAlloc
CreateFileA
DeviceIoControl
CloseHandle
LocalFree
GlobalLock
GetStringTypeExA
GetEnvironmentVariableA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
SetStdHandle
InterlockedExchange
CreateFileW
user32
GetMenuState
GetMenuStringA
InsertMenuA
RemoveMenu
TrackPopupMenu
SetMenuDefaultItem
GetWindowTextA
EnumChildWindows
FindWindowA
GetMessagePos
EnableScrollBar
SetForegroundWindow
GetUpdateRect
DrawFocusRect
GrayStringA
DrawTextExA
TabbedTextOutA
FrameRect
SetParent
RedrawWindow
InvertRect
DestroyCaret
CreateCaret
SetCaretPos
ShowCaret
IsIconic
DrawTextA
SetWindowPos
FindWindowExA
IsWindowEnabled
LockWindowUpdate
GetForegroundWindow
CheckRadioButton
IsDlgButtonChecked
SetWindowTextA
ClientToScreen
MoveWindow
GetDialogBaseUnits
CheckDlgButton
GetWindow
SendDlgItemMessageA
MessageBoxA
GetDlgItem
GetFocus
SetFocus
OemToCharBuffA
CharToOemBuffA
FillRect
RegisterWindowMessageA
AppendMenuA
LoadMenuA
GetMenuItemID
GetCursorPos
ReleaseCapture
GetDoubleClickTime
BeginDeferWindowPos
DrawIconEx
TrackPopupMenuEx
WindowFromPoint
SetCapture
KillTimer
SetTimer
InvalidateRect
ScreenToClient
GetSystemMenu
SetMenu
GetMenu
GetSubMenu
PostQuitMessage
DrawFrameControl
IntersectRect
SetRectEmpty
PtInRect
IsRectEmpty
GetWindowDC
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
GetClassInfoExA
GetClipboardData
CloseClipboard
RegisterClipboardFormatA
LoadIconA
SetMenuItemInfoA
SetWindowsHookExA
GetMenuItemCount
SystemParametersInfoA
GetClassNameA
GetWindowLongA
SetPropA
CallNextHookEx
LoadBitmapA
CallWindowProcA
GetWindowRect
GetPropA
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
CharUpperA
GetClassInfoA
CheckMenuItem
TranslateMessage
SetWindowLongA
RemovePropA
DestroyMenu
UnhookWindowsHookEx
IsWindowVisible
GetClientRect
GetMenuItemInfoA
EqualRect
OffsetRect
InflateRect
CopyRect
DrawStateA
LoadImageA
GetSysColor
GetDesktopWindow
GetMessageA
CreateWindowExA
ShowWindow
UpdateWindow
DefWindowProcA
DestroyWindow
UnregisterClassA
BeginPaint
EndPaint
GetKeyState
DestroyCursor
SetCursor
SetActiveWindow
BringWindowToTop
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
ShowOwnedPopups
GetLastActivePopup
GetWindowThreadProcessId
GetWindowPlacement
GetDlgCtrlID
IsWindow
PostMessageA
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
RegisterClassA
EnableMenuItem
DispatchMessageA
PeekMessageA
EnableWindow
SetDlgItemTextA
CharLowerBuffA
CharUpperBuffA
GetActiveWindow
PostThreadMessageA
LoadCursorA
GetParent
SendMessageA
SetRect
DestroyIcon
SetWindowRgn
DrawIcon
IsZoomed
DestroyAcceleratorTable
GetMenuItemRect
GetKeyboardState
SetKeyboardState
CreateDialogParamA
ReleaseDC
GetDC
GetSystemMetrics
ScrollWindow
MapWindowPoints
GetMessageTime
GetTopWindow
EndDeferWindowPos
GetWindowTextLengthA
GetClassLongA
GetCapture
GetTabbedTextExtentA
CreateMenu
GetDCEx
GetSysColorBrush
MapDialogRect
GetAsyncKeyState
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
CopyAcceleratorTableA
IsChild
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
TranslateAcceleratorA
IsDialogMessageA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
OpenClipboard
WinHelpA
DeleteMenu
gdi32
MoveToEx
CopyEnhMetaFileA
GetEnhMetaFileA
CreatePalette
GetDIBits
StretchDIBits
SetStretchBltMode
RealizePalette
SelectPalette
CreateSolidBrush
GetCurrentObject
CreatePatternBrush
CreateBitmap
SetPixel
GetPixel
SetGraphicsMode
GetGraphicsMode
GetBkColor
GetTextColor
SetBkMode
PatBlt
CreateRectRgn
SelectClipRgn
SetTextColor
SetBkColor
ExtCreatePen
SetROP2
GetClipBox
RectVisible
GetCharWidthA
GetCharWidth32A
SetTextAlign
GetTextAlign
TextOutA
CloseMetaFile
CreateMetaFileA
CreateRectRgnIndirect
PtVisible
Escape
Ellipse
Arc
Polygon
GetNearestPaletteIndex
LineTo
ExcludeClipRect
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
StartDocA
OffsetViewportOrgEx
ScaleWindowExtEx
GetCurrentPositionEx
SetRectRgn
CombineRgn
DPtoLP
GetWindowOrgEx
EnumFontFamiliesExA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetTextExtentPoint32A
BitBlt
Rectangle
CreateFontIndirectA
CreatePen
LPtoDP
SaveDC
SetWindowOrgEx
ScaleViewportExtEx
PlayMetaFile
RestoreDC
SetWindowExtEx
SetMapMode
SetViewportOrgEx
SetViewportExtEx
DeleteMetaFile
SetMetaFileBitsEx
EnumEnhMetaFile
PlayEnhMetaFileRecord
SetWinMetaFileBits
GetMetaFileBitsEx
CreateCompatibleBitmap
FloodFill
DeleteDC
GetObjectA
DeleteObject
CreateCompatibleDC
CreateDCA
GetStockObject
GetDeviceCaps
GetViewportOrgEx
CreateEllipticRgn
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
CreateEnhMetaFileA
SelectObject
GetTextMetricsA
ExtTextOutA
CloseEnhMetaFile
GetEnhMetaFileBits
SetPolyFillMode
CreateFontA
DeleteEnhMetaFile
msimg32
GradientFill
comdlg32
GetOpenFileNameA
GetSaveFileNameA
ChooseFontA
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
SetSecurityDescriptorDacl
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
RegCloseKey
DeleteService
CreateServiceA
RegDeleteValueA
SetServiceStatus
OpenSCManagerA
OpenServiceA
ControlService
QueryServiceStatus
StartServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegOpenKeyA
GetUserNameA
RegSetValueExA
RegOpenKeyExA
shell32
SHGetDesktopFolder
SHGetFileInfoA
SHGetSpecialFolderPathA
ShellExecuteA
ExtractIconExA
SHFileOperationA
ExtractIconA
DragQueryFileA
DragFinish
Shell_NotifyIconA
comctl32
InitCommonControlsEx
ord17
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
ole32
StringFromGUID2
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoUninitialize
CoInitialize
OleRun
CLSIDFromProgID
CoCreateInstance
OleTranslateAccelerator
CoCreateGuid
IsAccelerator
oleaut32
VariantCopy
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SafeArrayPutElement
SafeArrayCreateVector
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayGetElement
SysAllocStringLen
VariantClear
VariantInit
GetErrorInfo
SysFreeString
SysAllocString
iphlpapi
GetTcpTable
ws2_32
getsockname
htons
connect
accept
listen
bind
socket
setsockopt
WSACleanup
closesocket
WSAStartup
shutdown
WSAGetLastError
gethostname
inet_ntoa
inet_addr
send
select
recv
ioctlsocket
gethostbyname
mpr
WNetGetConnectionA
Sections
.text Size: 5.3MB - Virtual size: 5.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CONST Size: 4KB - Virtual size: 48B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.3MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ