d2ff04a38f38cb1ca814fc6caee558d0_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

d2ff04a38f38cb1ca814fc6caee558d0_NeikiAnalytics.exe
Size

1.3MB
MD5

d2ff04a38f38cb1ca814fc6caee558d0
SHA1

bb15c3548b4178a90ee222ca35a24a31433d789a
SHA256

2504fa95da096daf957948885682efb1bdd762eae1eef6f496964d3290143970
SHA512

020bc1cf2047bfbb658427260a4f9e1aaf6270ad0a81b7d966f5a0af152cdec63c1251f55dfedaaf9529f31a7b623b3f0cfd149f919908ef6153f9f9e90213ea
SSDEEP

3072:W5DGGpDJFPeWv+BCEB+z01WJiG90mD83uRk7oI1XzfnAGunvtpWTECjnEG:2DdFPeWwCxz0MDQFDsvtpcECjnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d2ff04a38f38cb1ca814fc6caee558d0_NeikiAnalytics.exe

Files

d2ff04a38f38cb1ca814fc6caee558d0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

1e661bdd924b4febef2197f8aba6e136

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
IsBadReadPtr
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetPrivateProfileStringA
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
OutputDebugStringA
Sleep
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
RtlUnwind
TerminateProcess
ExitProcess
FormatMessageA
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
SizeofResource
GetThreadLocale
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
CloseHandle
GlobalFree
LockResource
LoadResource
FindResourceA
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
GlobalUnlock
GetModuleHandleA
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
GetVersion
FreeLibrary
SetLastError
MulDiv
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
lstrcpynA

user32

ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
PostThreadMessageA
RegisterClipboardFormatA
InflateRect
CharUpperA
InvalidateRect
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
ShowCaret
HideCaret
LoadIconA
RegisterWindowMessageA
SendMessageA
PtInRect
GetClassNameA
GetDesktopWindow
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
PostMessageA
PostQuitMessage
SetCursor
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
SetWindowContextHelpId
GetWindow
SetWindowPos
MapDialogRect
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
IsWindow
SetActiveWindow
EndDialog
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowLongA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
GetCapture
IsChild
GetTopWindow
CopyRect
ScreenToClient
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
LoadStringA
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
UnregisterClassA

gdi32

GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
CreateDIBitmap
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

oledlg

ord8

ole32

CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e661bdd924b4febef2197f8aba6e136

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 20KB - Virtual size: 32KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 20KB - Virtual size: 32KB

.rsrc
Size: 92KB - Virtual size: 92KB