7cabb13beb2b9d1f4b6a8dd82e784590_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7cabb13beb2b9d1f4b6a8dd82e784590_NeikiAnalytics.exe
Size

2.3MB
MD5

7cabb13beb2b9d1f4b6a8dd82e784590
SHA1

efd763ae4f75597cf04023ea4cf88540ae18601e
SHA256

91525495f6743a3a0e304029c0a29f9208ba89913733324f36a8f449346c9896
SHA512

dba99ada2fa96a6c15c3e00fd6bbed007109c178877f3a820aa97a53c75056548c4beeb4ce0aaf85afebac488eb585ee9a4de2ddcd78c873e9a147312eecc2f4
SSDEEP

49152:a1qDnc3LTyR0oeOO9OrI3uP5Qr9hRB2Z86+/y8ENU:acDBeOO9OkTr9XB2Z8fy3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cabb13beb2b9d1f4b6a8dd82e784590_NeikiAnalytics.exe

Files

7cabb13beb2b9d1f4b6a8dd82e784590_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

2a09cd5b47a67c8b727e20870be67ae4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
LockResource
GlobalFree
GlobalUnlock
GetVersionExW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SizeofResource
GetStringTypeW
DeleteCriticalSection
FlushFileBuffers
SetStdHandle
CreateFileW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetTimeZoneInformation
SetFilePointer
ReadFile
GetCurrentDirectoryA
GetFullPathNameA
GetModuleHandleA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GlobalLock
GlobalSize
InterlockedDecrement
InterlockedIncrement
LoadResource
FindResourceA
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
InterlockedExchangeAdd
MultiByteToWideChar
GetModuleFileNameW
WideCharToMultiByte
GetStringTypeA
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WriteFile
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
ExitProcess
GetProcAddress
GetModuleHandleW
CreateDirectoryA
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetCommandLineA
HeapReAlloc
CreateDirectoryW
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
GetLastError
GetFileAttributesA
CopyFileA
MulDiv
GlobalAlloc
GetEnvironmentVariableA
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GetComputerNameA
CreateFileA
DeviceIoControl
CloseHandle
GetComputerNameW
GetVolumeInformationW
GetDriveTypeW
DeleteFileA
GetLogicalDriveStringsW
GetTickCount

user32

PeekMessageW
CallWindowProcW
SetMenuItemInfoW
DestroyMenu
SendMessageW
DialogBoxParamA
CreateDialogParamA
ShowWindow
GetWindowLongA
SetWindowLongA
LoadCursorA
SetDlgItemTextW
PtInRect
SendDlgItemMessageW
GetDlgItem
MessageBoxA
EndDialog
EnableWindow
RedrawWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
CreateWindowExW
CreatePopupMenu
SetWindowLongW
GetWindowTextW
AppendMenuW
GetWindowLongW
DispatchMessageW
GetMenuItemInfoW
SetFocus
TrackPopupMenu
GetWindowRect
DestroyWindow
DefWindowProcW
MapWindowPoints
GetSystemMetrics
RegisterClassW
ReleaseCapture
UnhookWindowsHookEx
SetWindowsHookExW
GetCursor
GetCursorPos
SetWindowPos
GetClassNameW
InvalidateRect
GetAsyncKeyState
GetDC
wsprintfW
BeginPaint
WindowFromPoint
CallNextHookEx
LoadCursorW
TrackMouseEvent
GetParent
GetKeyState
UnregisterClassW
SetCapture
GetUpdateRgn
EndPaint
SetTimer
KillTimer
GetDoubleClickTime
MessageBoxW
SetCursor

gdi32

CreateDIBSection
CreateRectRgn
CreateFontIndirectW
DeleteObject
GetStockObject
SetBkMode
SetTextColor
CreateFontA
GetDeviceCaps
TextOutA
SetBkColor
SelectObject
SetTextAlign

advapi32

RegCreateKeyExA
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteA
DragQueryFileW
ShellExecuteW

ole32

RegisterDragDrop
CoCreateInstance
RevokeDragDrop
OleUninitialize
OleInitialize
CreateStreamOnHGlobal

wininet

HttpOpenRequestA
InternetSetOptionA
InternetAttemptConnect
InternetConnectA
InternetQueryOptionA
HttpEndRequestA
HttpSendRequestA
InternetOpenA
InternetReadFile
InternetCloseHandle

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

gdiplus

GdipFree
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipGraphicsClear
GdipBitmapUnlockBits
GdipAlloc
GdipDisposeImage
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipBitmapLockBits
GdipCloneImage
GdipGetImageWidth
GdipSetPixelOffsetMode
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdipDeleteBrush
GdipDeletePen
GdipCloneBrush
GdipCloneBitmapAreaI
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRectI
GdipMeasureString
GdipCreateBitmapFromStream
GdipSetTextRenderingHint
GdipGetFontHeightGivenDPI
GdipDeleteFont
GdipGetDpiY
GdipSetClipRectI
GdipSetSmoothingMode
GdipDeleteFontFamily
GdipCreateSolidFill
GdipDisposeImageAttributes
GdiplusStartup
GdipFillEllipseI
GdipCreatePen1
GdipSetPenDashStyle
GdipDrawLineI
GdipCreateBitmapFromResource
GdipDrawImageRect
GdipSetSolidFillColor
GdipCreateFromHDC
GdipCreateFontFamilyFromName
GdipFillRectangle
GdipDrawString
GdipDrawRectangle
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipCreateBitmapFromHBITMAP
GdipSetPageUnit
GdipCreateFont
GdipSetPenColor
GdipSetPenWidth

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Exports

Exports

ExitDll
GetPluginFactory
InitDll

Sections

.text
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 533KB - Virtual size: 533KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 455KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 910KB - Virtual size: 910KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a09cd5b47a67c8b727e20870be67ae4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

version

gdiplus

comdlg32

Exports

Exports

Sections

.text Size: 396KB - Virtual size: 395KB

.rdata Size: 533KB - Virtual size: 533KB

.data Size: 455KB - Virtual size: 471KB

.shared Size: 512B - Virtual size: 4B

.rsrc Size: 910KB - Virtual size: 910KB

.reloc Size: 33KB - Virtual size: 33KB

.text
Size: 396KB - Virtual size: 395KB

.rdata
Size: 533KB - Virtual size: 533KB

.data
Size: 455KB - Virtual size: 471KB

.shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 910KB - Virtual size: 910KB

.reloc
Size: 33KB - Virtual size: 33KB