PDB path: C:\Build\miranda-src\miranda\bin9\Release\miranda32.pdb
Static task
static1
Behavioral task
behavioral1
Sample
8a9e623aa8034fd706f70ad579efdd50_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8a9e623aa8034fd706f70ad579efdd50_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
8a9e623aa8034fd706f70ad579efdd50_NeikiAnalytics.exe
-
Size
758KB
-
MD5
8a9e623aa8034fd706f70ad579efdd50
-
SHA1
6120406696f646b1121cd2f7c047457ee521353a
-
SHA256
2ad4d44dc039e811cb8cdcb861921ee6b2c366238315b6f3ec9062cf36e842a3
-
SHA512
c1183a894f9b873be4188e4a6e98e9afb26bdf0a0f3f34e94f47633ea1bdc61a912050d6a8f232b05ee98576df9ce82f88d0c4e82ef46183dde1ba0c44898885
-
SSDEEP
12288:RqV6cAZKRzo9bPBxOLsc/yPZWfRJ/kkkkckkkkbkkkhkkJ:4TAZKOnULsc/yPZ+Jr
Malware Config
Signatures
-
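Unsigned PE (1 IoC)
Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimately built executables are also unsigned; it is the only signature listed in this section, so weigh it together with the behavioral task results.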
resource 8a9e623aa8034fd706f70ad579efdd50_NeikiAnalytics.exe
Files
-
8a9e623aa8034fd706f70ad579efdd50_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
07e7da8ceff5e8d217538e8d78106a45
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
bind
select
htons
accept
ntohl
socket
WSAStartup
WSACleanup
shutdown
htonl
__WSAFDIsSet
getsockopt
sendto
setsockopt
send
recv
closesocket
connect
ioctlsocket
inet_ntoa
gethostbyaddr
inet_addr
gethostbyname
gethostname
ntohs
listen
getsockname
WSAGetLastError
comctl32
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Remove
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
ImageList_DrawEx
ImageList_Add
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy
InitCommonControlsEx
winmm
PlaySoundA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
kernel32
QueueUserAPC
GetProcAddress
GetModuleHandleA
GetCurrentProcess
DuplicateHandle
SetLastError
ResetEvent
GetProcessHeaps
HeapCompact
GetTickCount
WaitForMultipleObjectsEx
GetCommandLineA
OpenProcess
LoadLibraryA
GetVersion
GetCurrentProcessId
FreeLibrary
lstrcpynA
CreateMutexA
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
lstrlenA
GetPrivateProfileStringA
WaitForMultipleObjects
MoveFileA
FindNextFileA
FindClose
WritePrivateProfileStringA
GetShortPathNameA
lstrcmpA
GlobalAddAtomA
GlobalDeleteAtom
lstrcmpiA
lstrcpyA
lstrcatA
DeleteFileA
FindNextChangeNotification
FindFirstChangeNotificationA
FindCloseChangeNotification
CreateFileA
LockResource
LoadResource
FindResourceA
IsBadStringPtrW
IsBadStringPtrA
SizeofResource
FreeResource
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
HeapAlloc
GetProcessHeap
GetVersionExA
Sleep
GetLastError
CreateProcessA
GetTimeFormatA
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageA
LCMapStringA
GetPrivateProfileIntA
HeapCreate
HeapDestroy
GetFileAttributesA
GetLocalTime
GetDateFormatA
FileTimeToSystemTime
GetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalSize
MulDiv
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
GetFullPathNameA
CreateDirectoryA
GetEnvironmentVariableA
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
GetTimeZoneInformation
GlobalGetAtomNameA
WriteFile
IsBadReadPtr
ReadFile
TerminateThread
GetModuleFileNameA
CloseHandle
CreateEventA
GetCurrentThread
SetThreadPriority
GetCurrentThreadId
SetEvent
SleepEx
ReleaseMutex
WaitForSingleObject
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
FindFirstFileA
user32
GetMessagePos
GetKeyState
CharUpperA
GetScrollPos
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SetScrollInfo
ScrollWindow
SetScrollPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
UnpackDDElParam
PackDDElParam
SetCursor
RegisterClassA
GetIconInfo
MapDialogRect
GetWindowPlacement
SetWindowPlacement
RemoveMenu
CheckMenuItem
ShowScrollBar
InvalidateRgn
GetDoubleClickTime
WindowFromPoint
ChildWindowFromPointEx
ScrollWindowEx
DrawMenuBar
GetMenuStringA
DeleteMenu
IsIconic
MoveWindow
GetActiveWindow
InsertMenuItemA
SetMenuDefaultItem
FindWindowA
SetParent
GetMenu
SetMenu
FrameRect
ReplyMessage
IsZoomed
GetMenuItemID
MenuItemFromPoint
CreateMenu
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
UnhookWindowsHookEx
GetPropA
SetPropA
IsRectEmpty
MessageBeep
MapWindowPoints
DrawTextA
DrawIcon
SetRect
SetDlgItemInt
wsprintfA
GetWindow
EnumChildWindows
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
CharNextExA
GetDlgItemInt
GetFocus
IntersectRect
EqualRect
GetShellWindow
GetDesktopWindow
SystemParametersInfoA
CharUpperBuffA
GetSubMenu
LoadMenuA
SetForegroundWindow
IsWindow
ChildWindowFromPoint
RedrawWindow
SetWindowPos
CreateDialogIndirectParamA
OffsetRect
LoadImageA
DestroyMenu
TrackPopupMenu
AppendMenuA
CreatePopupMenu
IsWindowVisible
SetFocus
CallWindowProcA
CopyIcon
EnumWindows
RegisterWindowMessageA
SendMessageTimeoutA
GetClassNameA
MessageBoxA
GetAsyncKeyState
ReleaseCapture
ScreenToClient
SetWindowsHookExA
GetKeyboardLayout
GetKeyNameTextA
MapVirtualKeyA
UnregisterHotKey
RegisterHotKey
CallNextHookEx
SetActiveWindow
DrawIconEx
CharLowerA
UpdateWindow
ClientToScreen
SetCapture
KillTimer
PtInRect
GetCursorPos
GetWindowRect
EndPaint
BeginPaint
FindWindowExA
RemovePropA
GetDlgCtrlID
InvalidateRect
GetSysColor
GetWindowTextA
CopyRect
GetWindowTextLengthA
DestroyIcon
DrawStateA
GetSystemMetrics
DrawFocusRect
InflateRect
DrawFrameControl
DrawEdge
FillRect
ReleaseDC
GetDC
GetSysColorBrush
IsWindowEnabled
GetClientRect
LoadCursorA
CreateDialogParamA
GetParent
GetDlgItemTextA
SetDlgItemTextA
IsDlgButtonChecked
GetDlgItem
EnableWindow
CheckDlgButton
SetWindowTextA
SendMessageA
SetClassLongA
DestroyWindow
PostQuitMessage
GetClassLongA
GetWindowThreadProcessId
GetForegroundWindow
DialogBoxParamA
GetWindowLongA
EndDialog
SendDlgItemMessageA
SetWindowLongA
MsgWaitForMultipleObjects
SetTimer
DispatchMessageA
TranslateMessage
IsDialogMessageA
PeekMessageA
CreateWindowExA
RegisterClassExA
DefWindowProcA
PostMessageA
ShowWindow
gdi32
CombineRgn
CreateDIBSection
CreateFontIndirectA
ExtTextOutA
LineTo
MoveToEx
CreatePen
SetBkColor
GetStockObject
DeleteDC
BitBlt
GetTextExtentPoint32A
SetTextColor
SetBkMode
GetObjectA
DeleteObject
GetCurrentObject
SelectClipRgn
StretchBlt
GdiFlush
GetTextMetricsA
GetDeviceCaps
CreateDIBitmap
SelectObject
CreateCompatibleBitmap
CreateRectRgnIndirect
CreateBrushIndirect
TextOutA
OffsetRgn
CreateRectRgn
CreateBitmap
GetDIBits
CreateHatchBrush
CreateSolidBrush
CreateCompatibleDC
comdlg32
ChooseColorA
GetOpenFileNameA
ChooseFontA
GetSaveFileNameA
advapi32
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
GetUserNameA
RegOpenKeyExA
shell32
Shell_NotifyIconA
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconA
SHGetFileInfoA
SHGetDesktopFolder
ExtractIconExA
ShellExecuteA
SHFileOperationA
SHAppBarMessage
ole32
OleInitialize
CoCreateInstance
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
RegisterDragDrop
RevokeDragDrop
oleaut32
OleLoadPicturePath
zlib
inflate
inflateEnd
inflateInit2_
msvcr90
strcspn
strchr
_strnicmp
_stricmp
strrchr
fclose
fopen
_ltow
tolower
_itoa
_ltoa
strncpy
??3@YAXPAX@Z
memmove
setlocale
atol
strstr
_beginthreadex
_beginthread
??2@YAPAXI@Z
_vsnprintf
free
realloc
malloc
strncat
isalpha
srand
rand
strcoll
exit
_unlock
__dllonexit
_encode_pointer
_access
_chdir
strncmp
feof
fgets
strtol
strtoul
_stat32
_ctime32
isxdigit
strspn
sscanf
fseek
ftell
atoi
qsort
bsearch
_strlwr
fprintf
_time32
_stat32i64
_strtime
sprintf
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?terminate@@YAXXZ
_invoke_watson
_controlfp_s
_crt_debugger_hook
memset
_except_handler3
memcpy
Sections
.text Size: 392KB - Virtual size: 392KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 302KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ