634e86742f3a851fd16f364cd06860b0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

634e86742f3a851fd16f364cd06860b0_NeikiAnalytics.exe
Size

3.3MB
MD5

634e86742f3a851fd16f364cd06860b0
SHA1

136740c7bd7ab600508c04aa08fc8fc959367fb3
SHA256

25618256290f2ea4e8f26dad0dcea294a131d585518533c9845795548044d896
SHA512

67de82610bde77b2e3cb223f858ee1ddf398a662e0e8193b6c8f5664355bbfd49bf9e23be004967911903c87d6804f754b4c01af696f1c7b254346e104825cf2
SSDEEP

49152:BWtMC11IKrX5qzzI+Kotjczw7f9iDgS9770qBxYVX0630pNyhWH:BIsQqPI+Bj/9IE+xd6kpNyhWH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
634e86742f3a851fd16f364cd06860b0_NeikiAnalytics.exe

Files

634e86742f3a851fd16f364cd06860b0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

c32672c8ca4c47ae6efb3cbcfa5cd175

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioSeek
mmioStringToFOURCCW
mmioDescend
mmioRead
mmioOpenW

comctl32

ord17

uxtheme

EnableThemeDialogTexture

dsound

ord11

kernel32

lstrlenW
LoadLibraryA
CompareStringA
GetFullPathNameW
QueryPerformanceCounter
GetFileAttributesW
CompareStringW
QueryPerformanceFrequency
WriteFile
GetCurrentProcess
GetTempPathW
OutputDebugStringA
GetVersionExA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileA
ReadFile
CreateFileA
GetTempFileNameA
GetTempPathA
GetModuleHandleA
VirtualFree
VirtualAlloc
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceA
GetSystemInfo
IsProcessorFeaturePresent
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
FreeResource
DeleteFileW
SetFilePointer
lstrcmpiA
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
SetEndOfFile
ExpandEnvironmentStringsA
GetEnvironmentStrings
GetLocaleInfoW
GetCurrentDirectoryA
GetModuleFileNameA
IsValidCodePage
GetOEMCP
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
FindFirstFileW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapDestroy
RaiseException
GetThreadLocale
GetLocaleInfoA
GetACP
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
FreeEnvironmentStringsW
EnumSystemLocalesA
IsValidLocale
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
DeleteCriticalSection
EnterCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
GetVersionExW
LoadLibraryW
GetSystemDirectoryW
InitializeCriticalSection
FreeLibrary
GetCommandLineW
MultiByteToWideChar
GetModuleFileNameW
SizeofResource
FindResourceW
Sleep
LockResource
lstrcpynW
GetModuleHandleW
LoadResource
FindResourceExW
lstrcpyW
WriteProcessMemory
CloseHandle
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
OpenProcess
CreateProcessW
GetFileAttributesA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetEnvironmentStringsW

user32

GetIconInfo
GetDC
ReleaseDC
SetCapture
PtInRect
OffsetRect
GetKeyboardLayout
CallWindowProcW
ReleaseCapture
UnregisterClassA
DestroyWindow
SetCursor
IsIconic
ValidateRgn
IsWindowVisible
FillRect
RegisterClassExW
UnregisterClassW
LoadCursorW
CallNextHookEx
GetClassLongW
GetMenu
GetWindowPlacement
GetAsyncKeyState
SetRect
GetWindowLongW
FindWindowW
EnumDisplayMonitors
GetWindowTextW
SystemParametersInfoW
MonitorFromWindow
SetWindowLongW
SetMenu
ClipCursor
SetWindowsHookExW
RegisterClassW
GetSystemMetrics
AdjustWindowRect
DestroyMenu
GetMonitorInfoW
EnumDisplaySettingsW
InvalidateRect
ScreenToClient
GetDlgItem
PostMessageW
TranslateMessage
PeekMessageW
CreateWindowExW
DispatchMessageW
LoadMenuIndirectW
EndDialog
SetWindowTextW
EndPaint
SetTimer
GetWindowRect
PostQuitMessage
TrackPopupMenu
GetSubMenu
GetParent
BeginPaint
LoadIconW
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
CreateDialogParamW
GetMenuItemCount
IsWindow
FindWindowExW
MessageBoxW
SendMessageW
DefWindowProcW
CheckMenuItem
GetWindowThreadProcessId
GetWindow
GetClientRect
GetKeyboardLayoutList

gdi32

DeleteObject
GetDIBits
DeleteDC
CreateSolidBrush
SelectObject
CreateDIBSection
GetObjectA
GetTextMetricsA
GetGlyphOutlineA
GetObjectW
GdiFlush
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
ExtTextOutA
MoveToEx
ExtTextOutW
GetCharacterPlacementW
CreateCompatibleDC
GetStockObject
BitBlt
GetCharacterPlacementA

advapi32

RegQueryValueExA
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyA

shell32

SHGetDesktopFolder
ExtractIconW
Shell_NotifyIconW

ole32

RegisterDragDrop
CoCreateGuid
CLSIDFromString
StringFromGUID2
CoCreateInstance
CoInitialize
OleInitialize
RevokeDragDrop

oleaut32

SysAllocString
SysFreeString

shlwapi

PathFileExistsW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c32672c8ca4c47ae6efb3cbcfa5cd175

Headers

File Characteristics

Imports

winmm

comctl32

uxtheme

dsound

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 280KB - Virtual size: 279KB

.data Size: 72KB - Virtual size: 124KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 280KB - Virtual size: 279KB

.data
Size: 72KB - Virtual size: 124KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB