294158299fe281fa10954431b297d9f0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

294158299fe281fa10954431b297d9f0_NeikiAnalytics.exe
Size

1.8MB
MD5

294158299fe281fa10954431b297d9f0
SHA1

9592d55ba55bf85d49f06c5afc12d404a1ee6efc
SHA256

04bea1f19273050d0322c0e5b4bd8664c8db6bae8aa1dcea22b994313cd32ad4
SHA512

37b1e438c13984abcd43e468c3d4d48f073f30e2bf89cb52bd24b60a90806c7ada6367916cd6f2564d7d6416aaf521d17299a8e63f67fa8527669b36570921ab
SSDEEP

49152:BIuAvBVWISjejUr9D6YDPPN74FzPewPosPd:BRApVWIBjW56YDPN74Fz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
294158299fe281fa10954431b297d9f0_NeikiAnalytics.exe

Files

294158299fe281fa10954431b297d9f0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

6c114e5bcc3262eb8ab1a63e01c6306f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindowW
CreateToolbarEx
InitCommonControlsEx
ord17
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
PropertySheetW

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

gdi32

CreateFontIndirectW
DeleteObject

oleaut32

SysAllocStringLen
VariantClear
VariantCopy
SysFreeString
SysStringLen
SysAllocString

ole32

OleInitialize
CoUninitialize
CoTaskMemFree
CoInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
DoDragDrop
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc

user32

WindowFromPoint
IsWindowEnabled
UpdateWindow
SetTimer
MapVirtualKeyW
CheckMenuRadioItem
RemoveMenu
GetSubMenu
EnableMenuItem
CheckMenuItem
DrawMenuBar
SetMenu
GetMenu
LoadMenuW
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
LoadIconW
GetClientRect
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
SetCapture
GetCapture
IsZoomed
SetWindowPlacement
GetWindowPlacement
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
ClientToScreen
SetCursor
TrackPopupMenuEx
AppendMenuW
ChildWindowFromPointEx
GetKeyState
GetFocus
SetDlgItemTextW
PostMessageW
SetWindowTextW
EnableWindow
SetFocus
EndDialog
DestroyWindow
LoadBitmapW
DestroyMenu
CreatePopupMenu
MessageBoxW
LoadCursorW
GetClassInfoW
RegisterClassW
DefWindowProcW
CreateWindowExW
CallWindowProcW
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoW
MapDialogRect
GetParent
SetWindowLongW
GetWindowLongW
ScreenToClient
GetWindowRect
GetDialogBaseUnits
GetDlgItem
DialogBoxParamW
MoveWindow
ShowWindow
GetWindowTextLengthW
GetWindowTextW
RegisterClipboardFormatW
SendMessageW
LoadStringW
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CharUpperW
GetCursorPos
GetMenuItemCount
KillTimer
DestroyIcon
SetDlgItemTextA
CharPrevExA
InvalidateRect

advapi32

RegQueryValueExW
GetUserNameW
LsaClose
LsaOpenPolicy
LsaAddAccountRights
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
GetFileSecurityW
SetFileSecurityW
RegSetValueExW
LookupAccountNameW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation
ShellExecuteW
ExtractIconExW
SHChangeNotify
SHGetDesktopFolder

kernel32

CreateEventW
ReleaseSemaphore
ResetEvent
SetEvent
InitializeCriticalSection
VirtualFree
VirtualAlloc
GetOEMCP
LocalFileTimeToFileTime
lstrcatW
ExpandEnvironmentStringsW
SetPriorityClass
Sleep
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
GetSystemDefaultLangID
GetUserDefaultLangID
MoveFileWithProgressW
CopyFileExW
GetCompressedFileSizeW
WaitForSingleObject
FindNextChangeNotification
GetVersionExW
GetVersion
GetCommandLineW
GetProcessTimes
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GlobalSize
IsProcessorFeaturePresent
UnhandledExceptionFilter
CreateProcessW
GetModuleHandleW
GlobalFree
GlobalAlloc
FormatMessageW
LocalFree
LoadLibraryW
GetModuleFileNameW
FreeLibrary
GlobalLock
GlobalUnlock
GetProcessHeap
ResumeThread
HeapAlloc
GetVolumeInformationW
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
DosDateTimeToFileTime
FileTimeToDosDateTime
GetSystemTimeAsFileTime
GetProcessAffinityMask
GlobalMemoryStatus
GetSystemInfo
GetCurrentProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
CompareFileTime
DeviceIoControl
WriteFile
SetFilePointer
SetEndOfFile
ReadFile
GetFileSize
GetProcAddress
GetModuleHandleA
GetLogicalDriveStringsW
GetFileInformationByHandle
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
GetStdHandle
CreateHardLinkW
MoveFileW
GetWindowsDirectoryW
GetCurrentThreadId
GetCurrentProcessId
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwind
ExitProcess
GetModuleHandleExW
CreateSemaphoreW
SetThreadAffinityMask
LoadLibraryExA
ExpandEnvironmentStringsA
RaiseException
VirtualProtect
HeapFree
VirtualQuery
lstrlenW
CloseHandle
GetTempPathW
SetFileTime
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTickCount
WideCharToMultiByte
GetLastError
MultiByteToWideChar

msvcrt

_XcptFilter
memcmp
memcpy
_CxxThrowException
memmove
strstr
wcsstr
memset
strchr
_except_handler3
__CxxFrameHandler
_amsg_exit
wcscmp
strcmp
strlen
wcslen
free
malloc
realloc
_beginthreadex
_callnewh
_initterm
__p__commode
abort
_errno
?terminate@@YAXXZ
__getmainargs
_msize
__set_app_type
_ismbblead
_acmdln
_fmode
?_set_new_mode@@YAHH@Z
_control87

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c114e5bcc3262eb8ab1a63e01c6306f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

comdlg32

gdi32

oleaut32

ole32

user32

advapi32

shell32

kernel32

msvcrt

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 229KB - Virtual size: 229KB

.data Size: 1KB - Virtual size: 377KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 59KB - Virtual size: 59KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 229KB - Virtual size: 229KB

.data
Size: 1KB - Virtual size: 377KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 59KB - Virtual size: 59KB