Static task: static1
Behavioral task: behavioral1
Sample: 4e95adbf1ced3be502b5055bedaf1950_NeikiAnalytics.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 4e95adbf1ced3be502b5055bedaf1950_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 4e95adbf1ced3be502b5055bedaf1950_NeikiAnalytics.exe
Size: 476KB
MD5: 4e95adbf1ced3be502b5055bedaf1950
SHA1: 2d842d377521a9b55e46a6453817d8fd936b30bc
SHA256: 985cf13b31d76f9a83e8a2dba8fb76edc57247eb3b643392c2cd39391f4e75cb
SHA512: b880b46ff7f224f4e2785aa1502c2df47a845f7f8cd5126d31a61bcc4d83bab82fbd9237a4df537103e54a2d52225bb2002c155b7087818dadd9eeddc9d04557
SSDEEP: 12288:Kbv4+qy4wXlV4Z0JfVMZ2VnhWwHu2Gi6iEfnEsc:Kbv4+qyHJfVMZ2VnhWwHu2Gi61Ms
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 4e95adbf1ced3be502b5055bedaf1950_NeikiAnalytics.exe
Files
4e95adbf1ced3be502b5055bedaf1950_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
cdd98d2243c49d6c69d01726980634a2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ahlprunl
Verify
initialize
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
kernel32
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
GetDriveTypeA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
FindResourceA
GlobalAddAtomA
GetProfileStringA
GetPrivateProfileStringW
GetModuleFileNameW
WritePrivateProfileStringW
MultiByteToWideChar
lstrlenW
CreateDirectoryW
LoadResource
FindResourceW
GetUserDefaultUILanguage
GetLastError
Process32NextW
CloseHandle
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
ReleaseMutex
CreateMutexW
HeapDestroy
DeleteCriticalSection
GetCurrentThreadId
InitializeCriticalSection
GetVersionExW
lstrcpyW
InterlockedDecrement
MoveFileW
WaitForSingleObject
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
GetTickCount
OpenMutexW
SetEvent
OpenEventW
WideCharToMultiByte
LocalFree
FormatMessageW
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RaiseException
RtlUnwind
ExitProcess
GetStartupInfoW
GetCurrentDirectoryW
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesW
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
LeaveCriticalSection
LocalAlloc
EnterCriticalSection
lstrcmpW
GlobalAlloc
lstrcmpA
lstrcmpiA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetThreadLocale
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
lstrcpynW
lstrcmpiW
lstrlenA
InterlockedIncrement
GlobalLock
GlobalUnlock
GlobalFree
LockResource
GetSystemDirectoryW
CompareStringA
user32
GetSysColorBrush
LoadCursorW
LoadStringW
GetClassNameW
GetDesktopWindow
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
GetMessageW
ValidateRect
SetCursor
PostQuitMessage
CharNextW
PtInRect
DestroyMenu
CharUpperW
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
ModifyMenuW
SetMenuItemBitmaps
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
PeekMessageW
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
MessageBoxW
IsChild
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetSubMenu
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
SendMessageW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DefWindowProcW
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
RemovePropW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageW
IntersectRect
GetWindowPlacement
GetDC
ReleaseDC
MessageBeep
GetNextDlgGroupItem
PostThreadMessageW
SetRect
DispatchMessageW
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetParent
GetWindowLongW
GetDlgItem
IsWindowEnabled
CreatePopupMenu
CheckMenuItem
GetMenuState
KillTimer
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
InvalidateRect
EnableWindow
GetSysColor
SystemParametersInfoW
GetSystemMetrics
LoadBitmapW
FillRect
GetMenuItemInfoW
DestroyIcon
DrawStateW
OffsetRect
DrawEdge
CopyRect
InflateRect
CopyAcceleratorTableW
SetMenuItemInfoW
GetMenuItemCount
GetKeyNameTextW
MapVirtualKeyW
AppendMenuW
CreateMenu
CallWindowProcW
SetWindowLongW
GetMenu
GetLastInputInfo
GetCursorPos
SetForegroundWindow
GetDoubleClickTime
IsIconic
GetClientRect
DrawIcon
GetSystemMenu
InsertMenuW
LoadImageW
GetWindowRect
SetTimer
LoadIconW
PostMessageW
GetWindowThreadProcessId
EnumWindows
GetKeyState
TranslateMessage
gdi32
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
StretchDIBits
GetTextColor
GetBkColor
GetMapMode
DPtoLP
LPtoDP
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetBkMode
GetStockObject
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleBitmap
CreateBitmap
PatBlt
Ellipse
GetObjectW
SelectObject
BitBlt
RoundRect
CreateCompatibleDC
GetTextExtentPointA
CreateDIBitmap
StretchBlt
CreateFontIndirectW
ExtTextOutA
DeleteObject
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
QueryServiceStatus
OpenServiceW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
RegQueryValueW
RegCloseKey
shell32
ExtractIconW
ShellExecuteExW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteW
comctl32
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_GetIcon
ord17
ImageList_GetImageCount
ImageList_Create
ImageList_AddMasked
oledlg
OleUIBusyW
ole32
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
StringFromCLSID
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
OleIsCurrentClipboard
CLSIDFromString
OleFlushClipboard
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
SysAllocString
VariantChangeType
VariantCopy
VariantInit
SysStringByteLen
SysStringLen
LoadTypeLi
VariantTimeToSystemTime
VariantClear
wininet
InternetGetLastResponseInfoW
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectW
Sections
.text Size: 300KB - Virtual size: 297KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ