d:\MATRIX\Build\Release\Playback.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 9f203c86325e3dcba44528c8e12a6640_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 9f203c86325e3dcba44528c8e12a6640_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 9f203c86325e3dcba44528c8e12a6640_NeikiAnalytics.exe
Size: 584KB
MD5: 9f203c86325e3dcba44528c8e12a6640
SHA1: e955561184096cf8d9114f0720a6500971ba83b9
SHA256: 1c6b4be2598c75b4e222e7b226ad0c9334f189560230923ac04c91de64ee405f
SHA512: 1e7daa1edc30217c4a1e249b97c57c32cbb4fb8e6c550479e58328ca0f32d795448a45db34ef21fb9ae0f83594211848ebce9da80dd644762660d0634bbe3feb
SSDEEP: 12288:nFDRICKECvcuV9rk9Cf3uhu1zw1LCD9cJmXV4UKRXCidEr2MUTYP/9KRzJEMfPOF:nxRICKECvcuV9rmCf3uhu1zw1LCD9cJU
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 9f203c86325e3dcba44528c8e12a6640_NeikiAnalytics.exe
Files
9f203c86325e3dcba44528c8e12a6640_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
4c4294b3892cc98efc4a320a931f0127
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
database
_MediaDB_GetTimeSegmentNumber@8
_MediaDB_OpenLocation@12
_MediaDB_FindFirstTimeInterval@8
_MediaDB_GetLocationNum@8
_MediaDB_SetEvenQueryOptions@8
_MediaDBRet_Initial@4
_MediaDBRet_MatchTime@24
_MediaDBRet_MatchFirstI@28
_MediaDBRet_OutputOneDataPacket@20
_MediaDB_CloseLocation@4
_MediaDB_Release@4
_MediaDB_FindFirstEventInterval@8
_MediaDB_FindNextEventInterval@8
_MediaDB_CreateEventQuery@20
_MediaDB_GetEventIntervalNum@8
_MediaDB_CreateTimeQuery@16
_MediaDB_Initial@12
_MediaDB_GetTimeIntervalNum@8
_MediaDB_DeleteQuery@4
_MediaDBRet_Release@4
_MediaDB_FindNextTimeInterval@8
_MediaDB_GetLocationList@12
_MediaDB_GetTimeSegmentInterval@12
avsynchronizer
_AvSynchronizer_FreePicture@4
_AvSynchronizer_GetCurrentSnapShot@12
_AvSynchronizer_GetVideoCompressorParam@8
_AvSynchronizer_ChooseVideoCompressor@16
_AvSynchronizer_GetAudioCompressorParam@8
_AvSynchronizer_ChooseAudioCompressor@16
_AvSynchronizer_DeleteChannel@8
_AvSynchronizer_DeleteAVIChannel@8
_AvSynchronizer_InputAVIMedia@8
_AvSynchronizer_StartAVIChannel@8
_AvSynchronizer_StopAVIChannel@4
_AvSynchronizer_CreateAVIChannel@12
_AvSynchronizer_UpdatePlaybackChannelSettings@56
_AvSynchronizer_SetVideoCompressorParam@8
_AvSynchronizer_SetAudioCompressorParam@8
_AvSynchronizer_StartChannel@8
_AvSynchronizer_StopChannel@4
_AvSynchronizer_CreatePlaybackChannel@116
_AvSynchronizer_InitialEx@36
_AvSynchronizer_InputPlaybackMediaFrame@8
_AvSynchronizer_Release@4
parsedatapacket
_DataPacket_Parse@4
msvfw32
DrawDibOpen
DrawDibClose
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
kernel32
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
ConvertDefaultLocale
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
ExitProcess
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
QueryPerformanceCounter
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
VirtualProtect
GetSystemInfo
VirtualQuery
SetEnvironmentVariableA
EnumResourceLanguagesA
InterlockedDecrement
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpyA
GetModuleHandleA
lstrcmpiA
CompareStringW
CompareStringA
OutputDebugStringA
WaitForMultipleObjects
ResetEvent
SetThreadPriority
GetFileSize
CreateEventA
CreateThread
WaitForMultipleObjectsEx
GetExitCodeThread
TerminateThread
GetModuleFileNameA
WinExec
Sleep
SetEvent
GetTempPathA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SleepEx
GetCurrentProcessId
OpenProcess
GetLastError
TerminateProcess
GetTickCount
WaitForSingleObject
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
SetFileTime
CompareFileTime
GetFileTime
GetSystemDirectoryA
GetVersion
CreateMutexA
OpenMutexA
ReleaseMutex
CreateDirectoryA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentThreadId
lstrlenA
DeleteCriticalSection
FreeLibrary
LoadLibraryA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalAlloc
GlobalAlloc
CreateFileA
WriteFile
CloseHandle
GlobalFree
user32
CreateDialogIndirectParamA
wsprintfA
TranslateMessage
GetMessageA
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
CharNextA
SetRect
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetMenuState
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
UpdateWindow
GetMenu
GetMenuItemID
EndDialog
AdjustWindowRectEx
EqualRect
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
CharUpperA
GetClassInfoA
DefWindowProcA
GetDoubleClickTime
IsWindowVisible
IsRectEmpty
EnumDisplaySettingsA
SetWindowLongA
MoveWindow
ChangeDisplaySettingsA
GetDlgItem
GetSystemMetrics
LoadIconA
RedrawWindow
IsIconic
DrawIcon
GetKeyState
GetDC
ReleaseDC
ClipCursor
ValidateRect
InvertRect
DrawEdge
GetFocus
MessageBoxA
wvsprintfA
SetForegroundWindow
ShowWindow
GetCursorPos
ReleaseCapture
GetDesktopWindow
SetCapture
GetCapture
ScreenToClient
LoadBitmapA
PtInRect
LoadStringA
EnumThreadWindows
GetClassNameA
KillTimer
SetTimer
PostMessageA
GetSubMenu
TrackPopupMenuEx
DestroyMenu
DestroyCursor
LoadImageA
GetIconInfo
IsWindow
SetCursor
GetWindowLongA
EnableWindow
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
GetWindowRect
SendMessageA
DrawFocusRect
FrameRect
FillRect
OffsetRect
InflateRect
CopyRect
LoadCursorA
SetClassLongA
GetSysColor
DrawStateA
DestroyIcon
SetDlgItemTextA
GetMenuItemCount
LockWindowUpdate
gdi32
GetDeviceCaps
CreateFontIndirectA
GetBkColor
PatBlt
GetTextMetricsA
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
StartDocA
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetTextColor
GetRgnBox
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
StartPage
CreateDIBSection
SetStretchBltMode
SetBrushOrgEx
StretchBlt
EndPage
EndDoc
TextOutA
GetTextExtentPoint32A
CreateEllipticRgn
CombineRgn
PtInRegion
SetPixel
CreatePen
GetPixel
CreateSolidBrush
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
GetObjectA
comdlg32
GetFileTitleA
PrintDlgA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
SetNamedSecurityInfoA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA
shell32
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderA
ShellExecuteExA
comctl32
_TrackMouseEvent
ord17
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoUninitialize
oleaut32
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
SystemTimeToVariantTime
VariantCopy
SafeArrayDestroy
SysAllocString
OleCreateFontIndirect
VariantClear
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 276KB - Virtual size: 273KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 232KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ