33a0f6f38dcea3f42ddf8b2af4cc2310_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

33a0f6f38dcea3f42ddf8b2af4cc2310_NeikiAnalytics.exe
Size

136KB
MD5

33a0f6f38dcea3f42ddf8b2af4cc2310
SHA1

17cb44e85f8dafb9113c462bfac3fdfdd1f4d5e2
SHA256

b7041da5842ee0c6362cde4bd80eadd028a7c9c92b0e69fdcf5860857af19781
SHA512

958eaaee36a2701cbd49e41c0d3cfe049f31375625096cf42df3ef97bb3c586566d52468d5c13d92f396366ff39268f8254d50ca8422dbaf86e3411d05e25008
SSDEEP

3072:NcKBY9WNb1ZPZJro0+t10NrMAakeYR2OUQfugmyuNiDMyuOMw3Gj:NcW7bo70av0ugzeiDhl6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33a0f6f38dcea3f42ddf8b2af4cc2310_NeikiAnalytics.exe

Files

33a0f6f38dcea3f42ddf8b2af4cc2310_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

f4b4670ecfb2181d495c8d090526da0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lua54

lua_tointegerx
lua_toboolean
lua_touserdata
lua_type
lua_rotate
lua_pushvalue
lua_gettop
luaopen_embed
lua_pushnil
lua_pushnumber
lua_schedule
luaL_embedopen
lua_pushinteger
lua_pushlstring
lua_pushcclosure
lua_pushboolean
lua_pushlightuserdata
lua_rawgeti
lua_setfield
lua_rawset
lua_callk
lua_yieldk
lua_error
luaL_tolstring
luaL_checklstring
luaL_checkinteger
luaL_checktype
luaL_error
luaL_checkoption
luaL_unref
luaL_len
lua_registerobject
lua_toself
lua_registermodule
luaL_setrawfuncs
lua_registerevent
lua_getevent
search_task
fontsize_fromheight
luaL_checkFilename
WM_LUAMAX
lua_widgetinitialize
lua_widgetconstructor
lua_widgetdestructor
lua_registerwidget
lua_widgetproc
lua_uigetinfo
WIDGET_METHODS
TWidget
lua_isuserdata
luaL_typeerror
luaL_checknumber
luaL_optinteger
luaL_ref
lua_createcinstance
lua_tocinstance
lua_checkcinstance
lua_pushnewinstancebyname
lua_objectname
LoadFont
TBuffer
TDatetime
lua_copy
lua_setmetatable
luaL_getmetafield
luaL_where
luaL_setfuncs
lua_isstring
lua_isinteger
lua_next
luaL_argerror
luaL_getlasterror
lua_iscinstance
lua_settop
lua_tolstring
lua_pushstring
lua_getfield
lua_createtable
lua_pushlwstring
lua_tolwstring
lua_pushnewinstance
luaL_openlibs
luaL_requiref
luaL_gsub
luaL_newstate
luaL_loadstring
luaL_loadfilex
lua_concat
lua_gc
lua_pcallk
lua_rawseti
lua_setglobal
lua_close

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_GetImageCount
ord410
ord412
ImageList_Destroy
ImageList_SetImageCount
ord413
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Draw
ImageList_GetIconSize

shell32

Shell_NotifyIconW
SHGetFileInfoW
ExtractIconExW
DuplicateIcon
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc

gdi32

SetBkMode
SetTextColor
Polyline
ExtTextOutW
SetBkColor
GetStockObject
GetDeviceCaps
DeleteObject
CreateSolidBrush
MoveToEx
CreateDIBSection
GetObjectA
CreateFontIndirectW
SelectObject
GetObjectW
CreateBitmap
CreateFontIndirectA
CreatePen
ExtFloodFill
GetPixel
LineTo
SetDCBrushColor
Rectangle
SetDCPenColor

uxtheme

GetThemePartSize
DrawThemeBackground
SetWindowTheme
GetThemeColor
CloseThemeData
OpenThemeData
DrawThemeTextEx

user32

DrawTextW
DrawMenuBar
GetSystemMetrics
IsWindowEnabled
GetDlgItem
BringWindowToTop
SetWindowPlacement
GetWindowPlacement
GetDesktopWindow
DestroyIcon
CreateIconFromResourceEx
GetMenuBarInfo
SetMenu
CreatePopupMenu
GetMenuItemCount
AppendMenuW
RemoveMenu
SetMenuInfo
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
GetWindowDC
SetWindowTextA
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
SetCursor
SetForegroundWindow
CreateIconIndirect
GetKeyboardLayout
PostMessageW
DefWindowProcA
PostQuitMessage
SetLayeredWindowAttributes
VkKeyScanExW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
CreateMenu
TrackPopupMenu
ChildWindowFromPoint
SystemParametersInfoA
MonitorFromWindow
GetMonitorInfoA
GetAncestor
IntersectRect
OffsetRect
GetClassNameW
SystemParametersInfoW
HideCaret
ScreenToClient
MapWindowPoints
DestroyMenu
CreateWindowExW
GetMessagePos
EnumDisplayMonitors
GetMonitorInfoW
EnumDisplayDevicesW
LoadIconA
LoadCursorA
CallNextHookEx
TranslateMessage
DispatchMessageA
PeekMessageA
SendMessageA
SendMessageW
PostMessageA
CallWindowProcA
RegisterClassExA
DestroyWindow
ShowWindow
SetWindowPos
IsWindowVisible
GetNextDlgTabItem
SetFocus
GetActiveWindow
GetFocus
GetAsyncKeyState
EnableWindow
TranslateAcceleratorW
UpdateWindow
SetActiveWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
RedrawWindow
GetClientRect
GetWindowRect
MessageBoxW
GetCursorPos
GetSysColor
GetSysColorBrush
FillRect
GetWindowLongA
SetWindowLongA
SetClassLongA
GetProcessDefaultLayout
GetParent
EnumChildWindows
EnumThreadWindows
SetWindowsHookExA
UnhookWindowsHookEx

kernel32

FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryA
Sleep
CreateThread
GetCurrentThreadId
GetModuleHandleA
GetFileAttributesW
MulDiv
GetLastError
VirtualProtect
GetModuleHandleW
LoadLibraryExW
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WaitForSingleObject

dwmapi

DwmSetWindowAttribute
DwmGetWindowAttribute

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseColorA
ChooseFontW

api-ms-win-shcore-scaling-l1-1-1

GetDpiForMonitor

msvcp140

?_Xlength_error@std@@YAXPBD@Z

vcruntime140

strstr
wcschr
wcsstr
memset
__std_exception_copy
_CxxThrowException
memmove
memcpy
__current_exception
_except_handler4_common
__current_exception_context
__std_exception_destroy

api-ms-win-crt-heap-l1-1-0

realloc
calloc
malloc
_set_new_mode
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initterm_e
exit
_exit
_c_exit
_register_thread_local_exe_atexit_callback
_cexit
terminate
_get_narrow_winmain_command_line
_controlfp_s
_seh_filter_exe
_crt_atexit
_initterm
_set_app_type
__p___argv

api-ms-win-crt-stdio-l1-1-0

puts
fputs
__acrt_iob_func
_wfopen
fclose
fread
_fseeki64
fwrite
__stdio_common_vfprintf
__p__commode
_set_fmode

api-ms-win-crt-string-l1-1-0

wcsncpy
_wcsdup
_stricmp

api-ms-win-crt-math-l1-1-0

floor
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Exports

Exports

TWidget
TWidgetItem
TWindow
WIDGET_METHODS
WM_LUAMAX
lua_registerwidget
lua_uigetinfo
lua_widgetconstructor
lua_widgetdestructor
lua_widgetinitialize
lua_widgetproc

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4b4670ecfb2181d495c8d090526da0a

Headers

DLL Characteristics

File Characteristics

Imports

lua54

ole32

comctl32

shell32

gdi32

uxtheme

user32

kernel32

dwmapi

comdlg32

api-ms-win-shcore-scaling-l1-1-1

msvcp140

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 9KB - Virtual size: 9KB