PDB path: E:\wj\project\企业云盘\DataStore6_pack\source\Client\ShareSetting\Release\ShareSetting.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 91c626dfb3a81ae470f2627005a2a310_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 91c626dfb3a81ae470f2627005a2a310_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 91c626dfb3a81ae470f2627005a2a310_NeikiAnalytics.exe
Size: 2.2MB
MD5: 91c626dfb3a81ae470f2627005a2a310
SHA1: f285a87f12cf99e195823a95e8cb34166f12c249
SHA256: 97bd47c32aa0ad014f6a9e46b58354373ccba49512591cd838a1ab872cd31210
SHA512: c6a7e7e594c731fad5029234b3ebd7fcff765a0834578663f85bd4a1ee64a6d3011e1c45a065a0975ca7eb5a792cacf73e34efb04a9754521690911bf036d4d9
SSDEEP: 49152:LS4z2PssLtBAJbUyNzAbVIqglXfyq8sw3B8T19YbwsSWWFZR/9DQe:l2RLtBmUyNzAbq/lqq8sw6YyWWFZR1D
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 91c626dfb3a81ae470f2627005a2a310_NeikiAnalytics.exe
Files
91c626dfb3a81ae470f2627005a2a310_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
e78da2b0f005d2bf930853143426dc73
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
InterlockedCompareExchange
WriteConsoleW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
CreateThread
ExitThread
ExitProcess
RaiseException
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
GetCPInfo
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetNumberFormatW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
GetTickCount
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GlobalFindAtomW
InitializeCriticalSectionAndSpinCount
GlobalFlags
GetVersionExW
GetSystemDirectoryW
GetCurrentDirectoryW
CompareStringW
InterlockedIncrement
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
WaitForSingleObject
ResumeThread
SetThreadPriority
lstrcpyW
FreeResource
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
LoadLibraryW
lstrcmpW
GetModuleHandleW
GetProcAddress
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrlenW
MulDiv
FreeLibrary
InterlockedDecrement
SetLastError
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
LockResource
SizeofResource
LoadResource
FindResourceW
LocalFree
GetCommandLineW
OutputDebugStringA
GetModuleFileNameW
OpenEventW
WriteFile
ReadFile
CloseHandle
TransactNamedPipe
SetNamedPipeHandleState
WaitNamedPipeW
GetLastError
CreateFileW
Sleep
DeleteFileW
GetFileAttributesW
SetFileAttributesW
GetTempPathW
WideCharToMultiByte
MultiByteToWideChar
SetEnvironmentVariableA
GetProcessHeap
user32
CharUpperW
DestroyIcon
IsIconic
SendDlgItemMessageA
WinHelpW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
MessageBeep
IsChild
GetTopWindow
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
EqualRect
IntersectRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
IsWindow
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
KillTimer
SetTimer
InvalidateRect
UpdateWindow
RealChildWindowFromPoint
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
EndPaint
DestroyCursor
TranslateAcceleratorW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetClassInfoW
DefWindowProcW
MapWindowPoints
GetClientRect
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
GetMonitorInfoW
SetRectEmpty
CopyRect
DeleteMenu
WaitMessage
GetDesktopWindow
ReleaseCapture
GetCapture
WindowFromPoint
SetCapture
ScreenToClient
ClientToScreen
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowTextLengthW
GetWindowTextW
UnregisterClassW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
ShowOwnedPopups
SetCursor
SetWindowsHookExW
DrawIcon
CallNextHookEx
GetMessageW
LoadIconW
MessageBoxW
UnhookWindowsHookEx
RemoveMenu
GetSubMenu
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendMessageW
GetWindow
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
LoadImageW
DestroyMenu
LoadMenuW
ReuseDDElParam
UnpackDDElParam
InflateRect
GetMenuItemInfoW
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
NotifyWinEvent
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetAsyncKeyState
GetWindowRgn
GetWindowDC
GetMenuItemCount
HideCaret
InvertRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetIconInfo
GetDoubleClickTime
CharUpperBuffW
CopyIcon
SetClassLongW
CloseClipboard
SetClipboardData
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnionRect
GetKeyNameTextW
CreateDialogIndirectParamW
EndDialog
CopyImage
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
BeginPaint
GetSystemMenu
EmptyClipboard
gdi32
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
SelectPalette
GetObjectType
CreateHatchBrush
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32W
GetClipBox
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CombineRgn
PatBlt
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetRectRgn
GetMapMode
DPtoLP
OffsetRgn
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
GetObjectW
CreateFontIndirectW
CreatePatternBrush
CreateSolidBrush
CreatePen
GetStockObject
CreateDIBitmap
CreateBitmap
CreateDCW
GetDeviceCaps
CopyMetaFileW
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumValueW
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
shell32
DragFinish
SHChangeNotify
CommandLineToArgvW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHAppBarMessage
ShellExecuteW
DragQueryFileW
SHFileOperationW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleTranslateAccelerator
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
OleGetClipboard
RegisterDragDrop
CoGetClassObject
CoTaskMemFree
oleaut32
VariantClear
VariantChangeType
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantInit
SysAllocStringLen
SysAllocString
SystemTimeToVariantTime
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
ws2_32
WSAStartup
sendto
WSAGetLastError
socket
htons
inet_addr
WSACleanup
languagelib
ord2
ord1
resdll
?ShowShareSettingDlg@@YAXABV?$shared_ptr@VShareSettingDlgProtocol@@@tr1@std@@@Z
?ShowShareToOthersDlg@@YAXABV?$shared_ptr@VShareToOthersDlgProtocol@@@tr1@std@@@Z
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 288KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 541KB - Virtual size: 540KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ