E:\BuildAgent\work\cdc3d0ebfd4f8694\bin\Release\LittleInstaller.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 25f8978076e2b9ccbb6718f9220b72d0_NeikiAnalytics.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 25f8978076e2b9ccbb6718f9220b72d0_NeikiAnalytics.exe
  Resource: win10v2004-20240508-en
General
Target: 25f8978076e2b9ccbb6718f9220b72d0_NeikiAnalytics.exe
Size: 968KB
MD5: 25f8978076e2b9ccbb6718f9220b72d0
SHA1: c4374d624fd460afa08fe62c4b9a391c53016e4b
SHA256: e216b866306e8a6627c7a8c510f22d2ffb0373698092f7af5a401826fb7c2393
SHA512: 79e2139adceb0b841b58de3744c996762834f8cdf3f13e91d20fe72aa1048e02e1072cc9883e78d749f8097b0b02ca07068d0749bbb18464a3f9c72ccba42a73
SSDEEP: 12288:gRXk1egQfxyGaaI1PDUO76+XKTYvnqFo78CrCU9H2U:gGAO9DUO3kYvb8COI2U
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: 25f8978076e2b9ccbb6718f9220b72d0_NeikiAnalytics.exe
Files
25f8978076e2b9ccbb6718f9220b72d0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
e1146132b2a55b30581a735740a0007a
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
ExitProcess
HeapReAlloc
RtlUnwind
SetStdHandle
GetFileType
ExitThread
CreateThread
HeapSize
VirtualAlloc
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GlobalReAlloc
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
TlsGetValue
GlobalFlags
WritePrivateProfileStringW
ReleaseMutex
CreateMutexW
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryExW
CompareStringA
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
lstrcmpA
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
WriteFile
GetThreadLocale
GetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
FreeResource
GlobalAlloc
GlobalFree
lstrlenA
FindResourceExW
GetFileSize
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
GetFileSizeEx
LoadLibraryA
InterlockedExchange
FreeLibrary
LocalAlloc
GetUserDefaultUILanguage
WideCharToMultiByte
ExpandEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MoveFileExW
GetSystemDirectoryW
GetTempPathW
SetDllDirectoryW
OutputDebugStringW
RaiseException
ReadFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetTempFileNameW
VerSetConditionMask
VerifyVersionInfoW
GetExitCodeProcess
DeleteFileW
MoveFileW
CopyFileW
CreateDirectoryW
MultiByteToWideChar
MulDiv
CloseHandle
CreateProcessW
OpenEventW
GetTickCount
lstrlenW
WaitForSingleObject
Sleep
GetVersionExW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetUserDefaultLangID
GetModuleFileNameW
GetProcAddress
LoadLibraryW
SetLastError
GetModuleHandleW
GetLastError
FormatMessageW
FindResourceW
LoadResource
LockResource
SizeofResource
GetCommandLineA
LocalFree
user32
DestroyMenu
GetMessageW
TranslateMessage
ValidateRect
CharUpperW
EndPaint
BeginPaint
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
RegisterClipboardFormatW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
SetFocus
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SendDlgItemMessageW
CheckDlgButton
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
EnableWindow
SendMessageW
UnregisterClassA
GetWindowRect
RedrawWindow
GetFocus
ModifyMenuW
GetMenuState
CheckMenuItem
ShowWindow
EnumThreadWindows
WaitForInputIdle
GetDC
ClientToScreen
ScreenToClient
ReleaseCapture
SetCapture
KillTimer
SetTimer
InvalidateRect
ReleaseDC
SetCursor
SetRectEmpty
PtInRect
TrackMouseEvent
LoadCursorW
GetSysColorBrush
SetWindowTextW
UnregisterClassW
EnumChildWindows
GetClassNameW
DefWindowProcW
CopyRect
IsRectEmpty
GetSysColor
CloseWindow
GetWindow
PostThreadMessageW
PostQuitMessage
FindWindowW
SetWindowLongW
GetWindowLongW
LoadIconW
GetSystemMenu
AppendMenuW
GetForegroundWindow
PostMessageW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
OffsetRect
TranslateAcceleratorW
GetParent
DestroyAcceleratorTable
IsWindow
GetCursorPos
MapDialogRect
MessageBeep
SetRect
CreateAcceleratorTableW
AdjustWindowRectEx
EnableMenuItem
SetWindowPos
GetWindowThreadProcessId
MessageBoxW
GetDlgCtrlID
FillRect
GetClientRect
IsWindowVisible
SetForegroundWindow
gdi32
DeleteDC
GetStockObject
DPtoLP
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateDIBSection
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SelectClipRgn
GetTextExtentExPointW
CreateCompatibleBitmap
BitBlt
SetBrushOrgEx
CreateCompatibleDC
CreatePatternBrush
GetDeviceCaps
GetTextMetricsW
Rectangle
CreatePen
CreateSolidBrush
RectVisible
PtVisible
Escape
ExtTextOutW
TextOutW
CreateFontIndirectW
GetObjectW
GetTextExtentPoint32W
DeleteObject
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegDeleteValueW
RegEnumValueW
RegCloseKey
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
shell32
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
Shell_NotifyIconW
comctl32
InitCommonControlsEx
shlwapi
UrlEscapeW
PathFileExistsW
PathAppendW
SHCreateStreamOnFileEx
AssocQueryStringW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
UrlEscapeA
ole32
OleIsCurrentClipboard
CoCreateInstance
CreateStreamOnHGlobal
CoCreateGuid
StringFromGUID2
CoInitializeEx
CoUninitialize
CoInitialize
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
oleaut32
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
VariantChangeType
LoadRegTypeLi
LoadTypeLi
ws2_32
WSAStartup
Sections
.text Size: 340KB - Virtual size: 339KB
  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 95KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 31KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 440KB - Virtual size: 439KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 52KB - Virtual size: 50KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ