Static task: static1
Behavioral task: behavioral1
Sample: 3279139cc942a6080b9aca3cbe0f9c70_NeikiAnalytics.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 3279139cc942a6080b9aca3cbe0f9c70_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 3279139cc942a6080b9aca3cbe0f9c70_NeikiAnalytics.exe
Size: 1.7MB
MD5: 3279139cc942a6080b9aca3cbe0f9c70
SHA1: 4c2917a4e02c45d1c5d63baf4d1e2cc514bc00fe
SHA256: 40d3a46a2ace0e337341d0621a8220d309a13fa304123a338a0edc63081e8f23
SHA512: bef25127c083f1d18a3e740ac4f32b872fe05de5f1722e704ba423ffe7cfc5fe2e38b67cbb50733bac87e49e4903567f0e12b357efd46fe51b42ebf7715a38d5
SSDEEP: 24576:TU2xZSfJ0lhoYoT0DW93/FogVroF1u/PkYzokZpNx9d2xxojsGeTV4el7QFD+0R3:TL4J0zov8U9ogVsKP7bsk
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 3279139cc942a6080b9aca3cbe0f9c70_NeikiAnalytics.exe
Files
3279139cc942a6080b9aca3cbe0f9c70_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
cbf3e2fbc877a0cba1e3baf3449ad2c8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mpr
WNetCloseEnum
comctl32
ImageList_SetIconSize
ImageList_Write
ord17
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_SetBkColor
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
CreateEventA
CreateFileA
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnumCalendarInfoA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
FormatMessageA
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetComputerNameA
GetCPInfo
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProfileStringA
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetStringTypeExW
GetThreadLocale
GetUserDefaultLCID
CreateDirectoryW
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
InterlockedDecrement
InterlockedExchange
CreateDirectoryA
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
lstrcmpA
lstrcmpW
lstrcpyA
lstrcpynA
lstrlenA
MulDiv
MultiByteToWideChar
QueryPerformanceFrequency
RaiseException
ReadFile
ResetEvent
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadLocale
SizeofResource
Sleep
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
WritePrivateProfileStringW
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapReAlloc
HeapAlloc
GetOEMCP
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCurrentProcess
TerminateProcess
GetVersion
RtlUnwind
CompareStringW
CompareStringA
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetTimeZoneInformation
GetCommandLineW
GetLocalTime
GetConsoleMode
InterlockedIncrement
GetVersionExA
user32
GetIconInfo
GetKeyboardLayoutList
DrawTextW
GetKeyboardState
GetKeyboardType
GetKeyNameTextA
GetKeyNameTextW
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
GetForegroundWindow
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageA
SendMessageTimeoutA
GetClassNameA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetClipboardViewer
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetMenuItemInfoW
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExA
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
VkKeyScanW
WaitMessage
WindowFromPoint
AdjustWindowRectEx
AttachThreadInput
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CallWindowProcW
ChangeClipboardChain
CharLowerA
CharLowerBuffA
CharLowerBuffW
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
CreateWindowExW
CreateWindowExA
CreatePopupMenu
GetFocus
GetDlgItem
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
RemovePropA
GetClassNameW
CharNextA
CharNextW
CharToOemA
CharUpperA
CharUpperBuffA
CharUpperBuffW
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CopyIcon
CountClipboardFormats
CreateIconFromResourceEx
GetClassLongA
GetClassInfoW
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
SendMessageW
EmptyClipboard
CreateMenu
CreateMDIWindowW
CreateIconIndirect
GetKeyboardLayoutNameA
winspool.drv
EnumPrintersA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
ChooseFontA
GetSaveFileNameW
advapi32
AddAccessAllowedAce
AllocateAndInitializeSid
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
DuplicateToken
shell32
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
DragQueryFileW
DragFinish
DragAcceptFiles
CommandLineToArgvW
ShellExecuteW
ole32
CoCreateGuid
CoCreateInstance
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
IsAccelerator
OleDraw
OleSetMenuDescriptor
ProgIDFromCLSID
StringFromCLSID
oleaut32
VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SetErrorInfo
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
SafeArrayAccessData
GetErrorInfo
GetActiveObject
VariantInit
Sections
.text Size: 760KB - Virtual size: 758KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ring9 Size: 799KB - Virtual size: 800KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE