Static task
static1
Behavioral task
behavioral1
Sample
bec033519687adf4e914156058865f60_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bec033519687adf4e914156058865f60_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
Target
bec033519687adf4e914156058865f60_NeikiAnalytics.exe
Size
2.7MB
MD5
bec033519687adf4e914156058865f60
SHA1
501f5dfbebfb7b8cd51dbd8c98261e346c448eaf
SHA256
49f3a33172fd3bb149aaa0185777dd977e7e6ad88d44803c57d0d6c1dce6361d
SHA512
05d11b5a060a9b9b4bd9004f39cabad034adada048dc026b345f3ee6375c8427f05e2d70cd7528b8deba148ac9be2db9414c461e7eb242e06359e25c01ec6b56
SSDEEP
49152:o4FaQh6vj6MFhy0DNoWiMTw6Ew28V7UYMlFLJQlYxFcBRTP6Zf4KXEI6d:dhMpFhNo6Tw6Ew28V7UYMlFAbBRTP6Zo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bec033519687adf4e914156058865f60_NeikiAnalytics.exe
Files
bec033519687adf4e914156058865f60_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
63a667f11dfefdc76d3046d47c000089
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageHeight
GdipGetImagePixelFormat
GdiplusShutdown
GdipGetImagePaletteSize
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageEncodersSize
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageEncoders
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipBitmapUnlockBits
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
kernel32
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
QueryPerformanceCounter
TerminateProcess
VirtualAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
HeapReAlloc
ExitProcess
RtlUnwind
GetDateFormatW
GetTimeFormatW
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapAlloc
CreateThread
ExitThread
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
GlobalGetAtomNameW
GlobalFlags
lstrcpyW
GetSystemDirectoryW
GetCurrentDirectoryW
ResumeThread
GetPrivateProfileStringW
TlsFree
SetUnhandledExceptionFilter
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetThreadLocale
ReleaseActCtx
CreateActCtxW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GetVersionExW
CompareStringW
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
lstrcmpA
GlobalDeleteAtom
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
ActivateActCtx
DeactivateActCtx
lstrcmpW
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LoadLibraryA
ExpandEnvironmentStringsA
LocalFree
lstrlenA
GetLastError
GetModuleHandleW
SetFileTime
GetSystemTime
CreateDirectoryA
DeleteFileW
FileTimeToLocalFileTime
GetFileAttributesExW
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerW
InterlockedIncrement
RaiseException
ResetEvent
WaitForMultipleObjects
GetModuleFileNameA
Sleep
lstrlenW
GetTimeFormatA
GetTickCount
FindResourceExW
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryW
FindClose
FindFirstFileW
WaitForSingleObject
SetEvent
WritePrivateProfileStringW
GetPrivateProfileIntW
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCurrentThread
SetThreadPriority
GetSystemInfo
FreeLibrary
CloseHandle
GetModuleFileNameW
CreateEventW
MulDiv
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
InterlockedDecrement
HeapSize
HeapQueryInformation
LocalReAlloc
VirtualQuery
UnhandledExceptionFilter
user32
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
SetWindowRgn
CharUpperW
RegisterClipboardFormatW
UnregisterClassW
WindowFromPoint
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
CopyImage
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
DeleteMenu
LoadCursorW
GetSysColorBrush
ShowOwnedPopups
SetCursor
MessageBeep
GetNextDlgGroupItem
GetMessageW
TranslateMessage
GetCursorPos
SetWindowContextHelpId
MapDialogRect
CharNextW
InvalidateRgn
IntersectRect
IsRectEmpty
CopyAcceleratorTableW
DestroyMenu
GetMenuItemInfoW
InflateRect
SetRectEmpty
IsZoomed
LoadMenuW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetKeyboardLayout
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ValidateRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
MapVirtualKeyW
GetKeyNameTextW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
TabbedTextOutW
PostQuitMessage
GetMenuState
GetMenuStringW
InsertMenuW
SetRect
DrawFocusRect
PtInRect
GetSysColor
IsWindow
ReleaseCapture
GetKeyboardState
CreateAcceleratorTableW
SetCursorPos
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
UnionRect
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
SetCapture
OffsetRect
TranslateAcceleratorW
KillTimer
SetTimer
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DrawTextW
SetWindowPos
UpdateLayeredWindow
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
CreateMenu
GetWindowTextW
IsMenu
GetParent
CopyRect
CloseWindow
SetParent
IsWindowVisible
DrawIcon
IsIconic
GetWindow
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
GetSystemMetrics
SetWindowPlacement
GetWindowPlacement
LoadBitmapW
GetDesktopWindow
LoadAcceleratorsW
RemoveMenu
AppendMenuW
GetSystemMenu
PostMessageW
MessageBoxW
GetMenuItemID
GetSubMenu
GetMenuItemCount
UpdateWindow
InvalidateRect
GetWindowRect
LoadIconW
GetDC
ReleaseDC
EnableWindow
GetClientRect
FillRect
SendMessageW
EndDialog
gdi32
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
GetTextMetricsW
CreateFontIndirectW
GetRgnBox
GetBkColor
GetTextColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
OffsetRgn
SetDIBColorTable
StretchBlt
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
GetWindowExtEx
GetViewportExtEx
GetSystemPaletteEntries
ExtSelectClipRgn
CreateRectRgn
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateSolidBrush
GetObjectW
SetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
GetDeviceCaps
SelectObject
Ellipse
DeleteObject
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
CreateFontW
SetLayout
GetLayout
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
CreateDCW
CopyMetaFileW
RestoreDC
SetBkMode
SaveDC
CreateBitmap
DeleteDC
BitBlt
GetTextExtentPoint32W
TextOutW
SetTextAlign
SetBkColor
SetTextColor
GetPixel
SetPixel
PatBlt
PtVisible
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegEnumValueW
RegQueryValueW
RegEnumKeyW
shell32
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderW
SHGetFolderPathA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathAppendW
PathRemoveFileSpecW
PathIsURLA
PathFileExistsW
PathIsURLW
PathIsUNCW
PathFindExtensionA
PathIsFileSpecW
PathCombineW
PathStripPathW
PathRenameExtensionW
PathStripPathA
PathRemoveFileSpecA
PathAppendA
PathFileExistsA
PathIsFileSpecA
PathRenameExtensionA
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
PathStripToRootW
ole32
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoCreateGuid
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CoInitializeEx
CoLoadLibrary
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoGetClassObject
CoRegisterMessageFilter
oleaut32
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
VariantChangeType
VariantClear
VariantInit
VarBstrCat
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VarBstrFromDate
SysAllocString
SysStringLen
oledlg
OleUIBusyW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 353KB - Virtual size: 353KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 714KB - Virtual size: 714KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 188KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ