661117b1ef5bf9104596a5770c7ab190_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

661117b1ef5bf9104596a5770c7ab190_NeikiAnalytics.exe
Size

3.4MB
MD5

661117b1ef5bf9104596a5770c7ab190
SHA1

8bbc687a69dea84ee0f7fddcda7ef5c64cd32e48
SHA256

9b611f72a2b04454d280b32be00a841fba5d609f03141e93fdb0843cc6a69126
SHA512

3740d422952e02afc0155c65f90be11c8b4b60a71bb48ceb08dacd2ecd7a23822dbedc6ffe2980123cf2c9ed11d7be804d81c0e648af9f171a538f05e60401b1
SSDEEP

98304:cfdrMuOK8vhCMUA/hT4h9Yf0e9VsCOxYHChhhhhhhhhhhhhhhhhhhhhhhhhhhhhD:YdrMquh+98DVIYHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
661117b1ef5bf9104596a5770c7ab190_NeikiAnalytics.exe

Files

661117b1ef5bf9104596a5770c7ab190_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

9c1f5d9faec5dddd09e45fe8c08460d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
MultiByteToWideChar
RemoveDirectoryA
DeleteFileA
CopyFileA
CreateDirectoryA
GetFileAttributesA
GetModuleHandleA
GlobalMemoryStatus
FindNextFileA
GetWindowsDirectoryA
GetDiskFreeSpaceExA
GetVersionExA
GetTempFileNameA
SetThreadIdealProcessor
GetExitCodeProcess
MapViewOfFile
CreateFileMappingA
FormatMessageA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemInfo
CreateEventA
InitializeCriticalSection
HeapAlloc
HeapReAlloc
HeapFree
GetFileType
CreateFileA
WriteFile
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
ReadFile
SetFilePointer
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetTimeZoneInformation
GetSystemTime
GetCurrentThreadId
GetCommandLineA
GlobalUnlock
GetEnvironmentVariableA
HeapDestroy
GlobalAlloc
VirtualFree
VirtualAlloc
IsBadWritePtr
RtlUnwind
SetStdHandle
SetEndOfFile
SetHandleCount
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
FlushFileBuffers
RaiseException
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
ResetEvent
WideCharToMultiByte
GetSystemDirectoryA
FindFirstFileA
FindClose
OutputDebugStringA
GetVersion
GlobalLock
GetStartupInfoA
CreateProcessA
GetFileSize
CreateFileW
DeleteCriticalSection
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
lstrcmpiA
IsProcessorFeaturePresent
GetProcessHeap
GetCurrentProcessId
GlobalFree
lstrcpyA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
FreeLibrary
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetModuleFileNameA
UnmapViewOfFile
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
SetEvent
SetCurrentDirectoryA
CreateMutexA
CloseHandle
Sleep
ReleaseMutex
HeapCreate
GetLastError

user32

GetClassNameA
SendMessageTimeoutA
IsWindowVisible
SetWindowPlacement
EnableWindow
GetDlgItem
SetWindowTextA
EndDialog
DialogBoxParamA
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetClientRect
UpdateWindow
MoveWindow
PostQuitMessage
DefWindowProcA
SetWindowRgn
GetWindowPlacement
SetWindowPos
ChangeDisplaySettingsExA
EnumDisplaySettingsA
RegisterClassExA
SetWindowLongA
SetFocus
GetWindowLongA
SetRect
AdjustWindowRectEx
OpenIcon
CreateIconIndirect
DestroyIcon
LoadCursorA
SetClassLongA
ClientToScreen
SetCursor
DrawMenuBar
InsertMenuItemA
CreateMenu
EnumWindows
ChangeDisplaySettingsA
SystemParametersInfoA
GetSystemMetrics
SetCursorPos
SetMenu
ShowCursor
DestroyMenu
DestroyWindow
LoadIconA
GetWindowRect
CreateWindowExA
RegisterClassA
FindWindowA
SetForegroundWindow
SendMessageA
GetWindowTextA
DeleteMenu
GetSystemMenu
IsIconic
InvalidateRect
TrackPopupMenu
GetSubMenu
ShowWindow
PostMessageA
ScreenToClient
GetCursorPos
SetKeyboardState
GetKeyboardState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
ReleaseDC
GetDC
MessageBoxA

gdi32

GetDeviceCaps
SetStretchBltMode
GetObjectA
GetDIBits
ExtCreateRegion
CreateBitmap
CreateDIBSection
SetTextColor
SetBkMode
CreateFontIndirectA
SelectObject
CreateCompatibleDC
EnumFontFamiliesExA
CreateFontA
DeleteObject
DeleteDC
GetStockObject
StretchDIBits
TextOutA

shell32

DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
DragAcceptFiles
Shell_NotifyIconA
ShellExecuteExA
SHGetSpecialFolderPathA
FindExecutableA

advapi32

RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA

comdlg32

GetSaveFileNameA

comctl32

ord17

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

winmm

waveInGetDevCapsA
waveInGetNumDevs
waveOutGetDevCapsA
waveOutGetNumDevs
mciSendStringA
timeGetDevCaps
joyGetPosEx
timeEndPeriod
mmioStringToFOURCCA
mmioOpenA
mmioAscend
mmioDescend
timeBeginPeriod
joyGetNumDevs
timeGetTime
mmioClose
mmioRead
mciSendCommandA

msacm32

acmStreamClose
acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmFormatSuggest

imm32

ImmAssociateContext

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

d3d9

Direct3DCreate9

dsound

ord1

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c1f5d9faec5dddd09e45fe8c08460d5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comdlg32

comctl32

ole32

winmm

msacm32

imm32

version

d3d9

dsound

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 119KB - Virtual size: 2.9MB

_RDATA Size: 27KB - Virtual size: 26KB

.data1 Size: 512B - Virtual size: 184B

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 119KB - Virtual size: 2.9MB

_RDATA
Size: 27KB - Virtual size: 26KB

.data1
Size: 512B - Virtual size: 184B

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 1.6MB - Virtual size: 1.6MB