Static task: static1
Behavioral task: behavioral1
Sample: 7765e221f850fb11cfb841a473cb3ba0_NeikiAnalytics.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 7765e221f850fb11cfb841a473cb3ba0_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
General
Target: 7765e221f850fb11cfb841a473cb3ba0_NeikiAnalytics.exe
Size: 1.4MB
MD5: 7765e221f850fb11cfb841a473cb3ba0
SHA1: a422271bf1695d9109fb6e035924f286017eccfc
SHA256: 0df89bee4bec271ff5147f474145d34c46ee5f09485e0ee1c376a4d0c536b1cf
SHA512: 1542a1bf442f4e6a246cc2da611ef645d9516269f427d90b03f4c0b74052e0b109d5df1a02eea8b870983ecadd74fb3728a48e2dd17a82707670acdad910d49b
SSDEEP: 24576:nGWSq7cKluJVsjKVDrlrDevbUS7dt6lMCC12Af9gkWr4ucSLg2Dr0:Cq73lcVoKVDrlrDevbUilTl9w3Dr0
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 7765e221f850fb11cfb841a473cb3ba0_NeikiAnalytics.exe
Files
7765e221f850fb11cfb841a473cb3ba0_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
1fa83ca24215dfb82d45eef9a5aa1c4a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipSaveImageToStream
GdipCreateHBITMAPFromBitmap
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipDisposeImage
rpcrt4
UuidCreate
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
msi
ord204
winmm
PlaySoundA
iphlpapi
GetAdaptersInfo
kernel32
GetFileAttributesExA
GetFileAttributesA
GetFileSizeEx
GetFileTime
DeleteCriticalSection
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetModuleHandleW
GetCurrentDirectoryA
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetFullPathNameA
HeapFree
ExitProcess
GetSystemTimeAsFileTime
GetDriveTypeA
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
HeapSize
SetStdHandle
GetFileType
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
HeapCreate
VirtualFree
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetFileInformationByHandle
PeekNamedPipe
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GetVolumeInformationA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
FileTimeToLocalFileTime
GetThreadLocale
InterlockedIncrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
WritePrivateProfileStringA
GetCurrentProcessId
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
SetThreadPriority
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
CompareStringA
InterlockedExchange
lstrcmpA
GlobalFree
GlobalUnlock
MulDiv
lstrlenA
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
lstrcpynA
CreateProcessA
SetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
RemoveDirectoryA
GetTempFileNameA
GetWindowsDirectoryA
Sleep
TerminateThread
CreateThread
CreateDirectoryA
FormatMessageA
OutputDebugStringA
MultiByteToWideChar
GetSystemDirectoryA
CreateFileA
WriteFile
GlobalAlloc
GlobalLock
lstrcpyA
lstrcatA
GetVersionExA
GetUserDefaultUILanguage
GetCurrentThread
GetCurrentProcess
LocalAlloc
LocalFree
ResumeThread
WaitForSingleObject
CloseHandle
DeleteFileA
GetTempPathA
GetTickCount
GetLastError
OpenProcess
GetExitCodeProcess
TerminateProcess
GetModuleFileNameA
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
FindFirstFileA
CompareFileTime
FindNextFileA
GetSystemTime
FileTimeToSystemTime
CreateToolhelp32Snapshot
Process32First
Process32Next
IsDebuggerPresent
CreateFileW
user32
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
TranslateAcceleratorA
CharUpperA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
FillRect
CharNextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
InvalidateRgn
SetFocus
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetWindow
SetWindowContextHelpId
MapDialogRect
GetLastActivePopup
IsWindowEnabled
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
GetSystemMenu
EnableMenuItem
GetWindowThreadProcessId
IsWindowVisible
GetWindowRect
CloseWindow
ShowWindow
DrawFrameControl
PostMessageA
GetSysColor
LoadBitmapA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsIconic
DrawIcon
InvalidateRect
GetSystemMetrics
IsWindow
GetKeyboardState
keybd_event
SetForegroundWindow
BringWindowToTop
SetActiveWindow
SetRect
IsRectEmpty
CopyAcceleratorTableA
SetCapture
GetDC
ReleaseDC
GetSysColorBrush
UnregisterClassA
GetMenuItemInfoA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetWindowTextA
DestroyMenu
GetParent
GetClientRect
SetWindowPos
PtInRect
LoadCursorA
SetCursor
GetWindowLongA
SetWindowLongA
EnableWindow
SetTimer
GetDesktopWindow
KillTimer
LoadIconA
SendMessageA
UpdateWindow
MessageBoxA
ReleaseCapture
ShowOwnedPopups
gdi32
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
ScaleViewportExtEx
OffsetViewportOrgEx
CreateRectRgnIndirect
GetTextExtentPoint32A
GetRgnBox
SetViewportExtEx
SetViewportOrgEx
GetPixel
CreateSolidBrush
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
CreateCompatibleBitmap
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetBkColor
GetCurrentObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
GetDeviceCaps
GetObjectA
CreateFontIndirectA
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetTextColor
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
DuplicateToken
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
AbortSystemShutdownA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
OpenThreadToken
OpenProcessToken
RegOpenKeyExW
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyExA
OpenSCManagerA
EnumServicesStatusA
RegQueryValueExW
shell32
SHGetFolderPathA
Shell_NotifyIconA
DragFinish
DragQueryFileA
ShellExecuteA
comctl32
ord17
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
AssocQueryStringA
oledlg
ord8
ole32
CLSIDFromString
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
StringFromCLSID
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
oleaut32
VariantCopy
OleCreateFontIndirect
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
VariantInit
SafeArrayCreateVector
SysAllocString
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
urlmon
ObtainUserAgentString
URLDownloadToFileA
wininet
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable
InternetCanonicalizeUrlA
DeleteUrlCacheEntry
InternetReadFile
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA
InternetCloseHandle
InternetCrackUrlA
InternetOpenA
InternetSetOptionA
Sections
.text Size: 941KB - Virtual size: 940KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 210KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 246KB - Virtual size: 245KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ