Static task: static1
Behavioral task: behavioral1
Sample: f5d4b8049a6fe7fa52c33b21ae5cae30_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f5d4b8049a6fe7fa52c33b21ae5cae30_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: f5d4b8049a6fe7fa52c33b21ae5cae30_NeikiAnalytics.exe
Size: 4.3MB
MD5: f5d4b8049a6fe7fa52c33b21ae5cae30
SHA1: f99bdaf386182b5cab70090ee252babb4cb98c92
SHA256: 80b9c05f57c93415903ba1c25006fa1df0e4f5efbecd806e84850d6f782619fe
SHA512: 06e06f96b0d3c072293f9b28ce715ac5b2c40a79480313f6aead5d8b90b2d1955e6779df324f476183fc7e338afe25cbb39ce389d56c44e0024570ad24268825
SSDEEP: 49152:YPoew0++JAYJVV0KA/MsmfMolH10EF0yuL9W3WGQvo3g729+VTEWuRR6R9RZRA2C:Cyib0KA/UMoJ10i0y2rG07G+DN7Zt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f5d4b8049a6fe7fa52c33b21ae5cae30_NeikiAnalytics.exe
Files
f5d4b8049a6fe7fa52c33b21ae5cae30_NeikiAnalytics.exe.exe windows:6 windows x86 arch:x86
dc85f1143335f2af3c6dd2bd3e9ea456
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EncodePointer
RtlUnwind
WriteConsoleW
CloseHandle
CreateFileW
ReadConsoleW
ReadFile
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
GetStringTypeW
GetFileType
SetStdHandle
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetTempPathW
DeleteCriticalSection
SetEnvironmentVariableW
LeaveCriticalSection
EnterCriticalSection
HeapFree
HeapAlloc
SetLastError
GetLastError
GetProcAddress
GetModuleHandleExW
FreeLibrary
GetModuleFileNameW
WriteFile
GetStdHandle
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
VirtualProtect
HeapCreate
GetSystemInfo
ExitProcess
HeapDestroy
GetLocaleInfoW
GetModuleHandleW
VerLanguageNameW
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
GetTimeZoneInformation
GetFileSizeEx
SystemTimeToTzSpecificLocalTime
LCMapStringEx
CompareStringEx
DecodePointer
InitializeCriticalSectionEx
GetNativeSystemInfo
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitOnceComplete
InitOnceBeginInitialize
WaitForSingleObjectEx
lstrcmpW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesA
CreateFileA
GetLocaleInfoA
SystemTimeToFileTime
GetLocalTime
QueryPerformanceFrequency
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CopyFileW
SetFileAttributesW
GetFileAttributesW
GetDriveTypeW
TerminateThread
CreateThread
WaitForMultipleObjects
CreateEventW
ResetEvent
SetEvent
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
FileTimeToSystemTime
GetWindowsDirectoryW
GetDiskFreeSpaceW
FileTimeToLocalFileTime
CompareFileTime
SetErrorMode
GetLogicalDrives
FindFirstFileW
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
Sleep
GetTickCount
LoadLibraryW
DeleteFileW
SetEndOfFile
SetFilePointer
GetFileSize
GetVersionExW
MulDiv
GetEnvironmentVariableW
DuplicateHandle
CreatePipe
WaitForSingleObject
CreateProcessW
PeekNamedPipe
GetExitCodeProcess
InitializeCriticalSection
user32
InflateRect
EndPaint
MapWindowPoints
SubtractRect
DrawFrameControl
DrawTextW
SetWindowPos
GetAsyncKeyState
KillTimer
GetCursorPos
ScreenToClient
SetTimer
GetSystemMetrics
GetParent
FindWindowExW
IsWindow
SetParent
SystemParametersInfoW
GetDlgCtrlID
FindWindowW
ShowWindow
CreateWindowExW
GetClassLongW
SetClassLongW
GetComboBoxInfo
IsRectEmpty
GetMonitorInfoW
UpdateWindow
SetMenuItemBitmaps
SetMenuItemInfoW
PostMessageW
GetKeyState
BeginPaint
FillRect
SetWindowLongW
DefWindowProcW
CallWindowProcW
GetWindow
GetClassNameW
ReleaseDC
OffsetRect
GetDC
LoadImageW
AdjustWindowRect
PostQuitMessage
MonitorFromWindow
MonitorFromPoint
SystemParametersInfoA
CreateIconIndirect
DrawTextA
GetAncestor
NotifyWinEvent
FrameRect
MonitorFromRect
GetWindowRect
DestroyCursor
PtInRect
SetCaretPos
ShowCaret
IsWindowEnabled
InvalidateRect
GetSysColor
GetClientRect
GetWindowLongW
RedrawWindow
SendMessageW
EnumChildWindows
GetCapture
ReleaseCapture
SetPropW
GetPropW
LoadIconW
DestroyWindow
IsIconic
IsZoomed
DrawStateW
RemovePropW
GetIconInfo
MoveWindow
MessageBoxW
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
RegisterClassExW
BringWindowToTop
SetFocus
EnableWindow
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
SetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
LoadCursorW
IsDialogMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
PeekMessageW
GetMessagePos
SetCapture
SetCursor
ClipCursor
DrawFocusRect
IntersectRect
ClientToScreen
GetFocus
ChildWindowFromPointEx
SetWindowTextW
GetSysColorBrush
SetRect
ValidateRect
SetScrollInfo
GetScrollInfo
SetScrollPos
GetScrollPos
GetScrollRange
GetWindowDC
LoadStringW
CreateDialogParamW
EndDialog
SetDlgItemTextW
GetDlgItemTextW
SendDlgItemMessageW
DestroyIcon
GetMenu
GetSubMenu
ShowScrollBar
DefMDIChildProcW
GetUpdateRect
EnumPropsExW
GetDoubleClickTime
AdjustWindowRectEx
SetActiveWindow
RegisterClassW
GetActiveWindow
MsgWaitForMultipleObjects
TrackPopupMenu
DefFrameProcW
IsChild
CreatePopupMenu
SetMenu
AppendMenuW
DestroyMenu
GetMenuItemCount
ModifyMenuW
GetMenuItemInfoW
DrawIconEx
CreateMenu
RegisterWindowMessageW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetClipboardData
CopyImage
CreateIconFromResource
CreateIconFromResourceEx
CharLowerW
CharUpperW
GetKeyboardLayout
TrackMouseEvent
GetMessageTime
RegisterClipboardFormatW
IsClipboardFormatAvailable
AppendMenuA
GetUpdateRgn
CreateCaret
GetCaretBlinkTime
DestroyCaret
HideCaret
gdi32
CreatePen
GetDeviceCaps
RoundRect
GetPixel
CreateRoundRectRgn
BitBlt
SelectClipRgn
CreateRectRgn
SetTextColor
SetBkMode
SetBrushOrgEx
GetStockObject
SetDCBrushColor
StretchBlt
DeleteDC
SetStretchBltMode
CreateSolidBrush
CreatePatternBrush
DeleteObject
GetObjectA
CreateFontW
CombineRgn
Ellipse
GetTextExtentPoint32A
GetTextExtentExPointA
GetTextExtentExPointW
RestoreDC
SaveDC
GdiAlphaBlend
ExtCreatePen
ExtTextOutA
ExtTextOutW
Polygon
Polyline
SetTextAlign
GetTextMetricsW
SelectObject
GetDIBits
SetPixel
ExtSelectClipRgn
GetClipRgn
OffsetViewportOrgEx
SetViewportOrgEx
ExcludeClipRect
TextOutW
MoveToEx
LineTo
CreateRectRgnIndirect
SetBkColor
GdiGetBatchLimit
GdiSetBatchLimit
CreateDIBSection
CreateCompatibleBitmap
GetTextExtentPoint32W
SwapBuffers
SetPixelFormat
ChoosePixelFormat
CreateDCW
CreateFontIndirectW
IntersectClipRect
GetObjectW
CreateBitmap
CreateCompatibleDC
GetObjectType
comdlg32
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
ChooseColorW
advapi32
CryptDestroyHash
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
SystemFunction036
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CryptGetHashParam
CryptCreateHash
CryptHashData
ole32
CreateStreamOnHGlobal
GetHGlobalFromStream
OleInitialize
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleUninitialize
DoDragDrop
OleCreate
CoInitialize
OleSetContainedObject
CoCreateInstance
CLSIDFromProgID
CoGetObjectContext
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CoGetApartmentType
CoTaskMemFree
shell32
Shell_NotifyIconW
SHGetFolderLocation
SHGetFileInfoW
DragQueryFileW
ShellExecuteExW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW
ws2_32
closesocket
WSAStartup
WSACleanup
opengl32
glLoadIdentity
glMatrixMode
glClear
wglMakeCurrent
wglGetProcAddress
glViewport
wglCreateContext
wglDeleteContext
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
shlwapi
PathCombineW
PathFindFileNameW
winmm
timeBeginPeriod
gdiplus
GdipSetPenLineCap197819
GdipSetPenWidth
GdipFillPath
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenDashStyle
GdipDrawPath
GdipResetPath
GdiplusStartup
GdipCreatePath
GdipCreateMatrix
GdipScaleMatrix
GdipCreatePen1
GdipCreateSolidFill
GdipSetPathFillMode
GdipDeleteBrush
GdipAlloc
GdipMultiplyWorldTransform
GdipTranslateMatrix
GdipMultiplyMatrix
GdipAddPathArc
GdipDeleteStringFormat
GdipDeleteGraphics
GdipRestoreGraphics
GdipGetWorldTransform
GdipDeletePen
GdipTransformMatrixPoints
GdipInvertMatrix
GdipCloneBrush
GdipCreateFromHDC
GdipSetCompositingMode
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipTranslateWorldTransform
GdipSetPageUnit
GdipGetDpiX
GdipGetDpiY
GdipCreateFontFromDC
GdipStringFormatGetGenericTypographic
GdipFree
GdipSetStringFormatFlags
GdipGetStringFormatFlags
GdipDeleteFontFamily
GdipCreateFontFromLogfontA
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipDeletePath
GdipClosePathFigure
GdipAddPathString
GdipGetPathWorldBounds
GdipGetFontUnit
GdipMeasureString
GdipGetEmHeight
GdipGetCellAscent
GdipStartPathFigure
GdipAddPathLine
GdipSetPenDashOffset
GdipSetPenDashArray
GdipDrawString
GdipDeleteMatrix
GdipCreateRegion
GdipDeleteRegion
GdipFillRegion
GdipGetClip
GdipClonePath
GdipCloneMatrix
GdipClonePen
GdipSetPenBrushFill
GdipSaveGraphics
GdipCloneFont
GdipTransformPath
GdipCloneStringFormat
uxtheme
SetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
comctl32
ImageList_ReplaceIcon
ImageList_SetIconSize
CreateToolbarEx
ImageList_Add
ImageList_GetIconSize
CreateStatusWindowW
InitCommonControlsEx
_TrackMouseEvent
ImageList_Destroy
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Remove
ImageList_Duplicate
ImageList_Create
ImageList_Replace
ImageList_AddMasked
oleaut32
SysAllocString
VariantClear
DispGetParam
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
imm32
ImmReleaseContext
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmSetCompositionFontW
ImmEscapeW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetContext
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1017KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.eh_fram Size: 182KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.debug_i Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_a Size: 1024B - Virtual size: 552B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_l Size: 1024B - Virtual size: 808B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_a Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_r Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_l Size: 1024B - Virtual size: 779B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 163KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ