Static task: static1
Behavioral task: behavioral1
Sample: 469160b16099b900894b53b160183a20_NeikiAnalytics.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 469160b16099b900894b53b160183a20_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 469160b16099b900894b53b160183a20_NeikiAnalytics.exe
Size: 3.1MB
MD5: 469160b16099b900894b53b160183a20
SHA1: f6dc2b6394b45cc3735f2832182fe54b00b9d2c9
SHA256: f57d90c579f0866bf66e62e6732b0cdfe0f3c3f08d989ba7505431e65d0071a5
SHA512: 9f7253d0c7f2f9accac62166c3ccb6d884f4201930ad9d71b6ca1ce3ee0c0ba77e4c549e7f70e5be6efe7760f39df077d60325427da4478208005bd3d6de2505
SSDEEP: 49152:kqwam55IDysC1Z6FI1X4hJ4ghycGLXFPcAonWvgNyg7+1AU:qRsTaXZFUAuGL
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 469160b16099b900894b53b160183a20_NeikiAnalytics.exe
Files
469160b16099b900894b53b160183a20_NeikiAnalytics.exe.exe windows:5 windows x64 arch:x64
26c0c1758892dd13018f923c9ad5ea3a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
LeaveCriticalSection
EnterCriticalSection
ReleaseActCtx
GetModuleFileNameW
lstrcmpW
LocalAlloc
TlsGetValue
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetCPInfo
GetOEMCP
GetACP
GetTickCount
GetProfileIntA
Sleep
SearchPathA
GetTempPathA
VirtualProtect
GetWindowsDirectoryA
GetNumberFormatA
FindResourceExW
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetCommandLineA
ExitProcess
ExitThread
CreateThread
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
HeapReAlloc
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetStartupInfoW
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
IsValidCodePage
HeapSetInformation
GetVersion
HeapCreate
FreeEnvironmentStringsW
FreeResource
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
FindResourceA
GlobalFree
CopyFileA
GlobalSize
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetVersionExA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
lstrcmpiA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
ReplaceFileA
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
ActivateActCtx
LoadLibraryA
GetLastError
DeactivateActCtx
SetLastError
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
GetProcAddress
FreeLibrary
GlobalGetAtomNameA
GlobalFindAtomA
GetEnvironmentStringsW
LoadLibraryW
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
SetFilePointer
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
GetLocalTime
GetModuleFileNameA
lstrcatA
WritePrivateProfileStringA
GlobalFlags
DeleteFileA
GetDriveTypeW
user32
GetAsyncKeyState
DrawFrameControl
GetMenuItemInfoA
IsMenu
SetCursorPos
DestroyCursor
LockWindowUpdate
SetParent
CharUpperBuffA
DrawIconEx
GetSysColorBrush
SetRect
DrawEdge
DrawFocusRect
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
PostThreadMessageA
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetClassLongPtrA
EnumChildWindows
RegisterClipboardFormatA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
GetKeyNameTextA
SetMenuDefaultItem
GetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
CopyIcon
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
SubtractRect
MapDialogRect
GetNextDlgGroupItem
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
InvertRect
HideCaret
CreateMenu
GetWindowRgn
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
UnpackDDElParam
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
GetDlgCtrlID
UpdateWindow
IsIconic
AdjustWindowRectEx
SetWindowPos
WindowFromPoint
ScreenToClient
GetWindowRect
LoadCursorA
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
SetFocus
CharUpperA
GetSystemMetrics
GetDC
ReleaseDC
IsWindow
DestroyWindow
IsChild
CopyRect
SetRectEmpty
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SystemParametersInfoA
OffsetRect
MessageBeep
IsZoomed
PostMessageA
PostQuitMessage
SendMessageA
ClientToScreen
ReuseDDElParam
LoadMenuA
DestroyMenu
EndPaint
SetTimer
GetFocus
EnableWindow
InvalidateRect
GetClientRect
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
IntersectRect
BringWindowToTop
TranslateAcceleratorA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WaitMessage
SetActiveWindow
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
CopyImage
GetIconInfo
DestroyIcon
InflateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
ReleaseCapture
LoadCursorW
SetCapture
KillTimer
SetWindowRgn
DrawIcon
FillRect
IsRectEmpty
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
GetSystemMenu
LoadMenuW
DeleteMenu
DestroyAcceleratorTable
NotifyWinEvent
GetWindow
DrawStateA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
wsprintfA
RedrawWindow
GetWindowTextA
SetForegroundWindow
GetForegroundWindow
gdi32
CreateFontIndirectA
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextMetricsA
GetTextExtentPoint32A
PatBlt
CreateDIBSection
DeleteObject
BitBlt
Ellipse
LPtoDP
DPtoLP
SelectObject
CreateEllipticRgn
GetObjectA
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateCompatibleDC
CreateBitmap
SetPixelV
GetTextFaceA
EnumFontFamiliesExA
GetViewportOrgEx
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetWindowOrgEx
GetSystemPaletteEntries
GetNearestPaletteIndex
SetPaletteEntries
GetPaletteEntries
CreatePalette
ExtFloodFill
SetRectRgn
SetPixel
StretchBlt
RealizePalette
GetDIBits
SetDIBColorTable
GetRgnBox
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetRgn
GetTextCharsetInfo
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
RoundRect
Polyline
Polygon
Rectangle
CreateDIBitmap
EnumFontFamiliesA
CreateCompatibleBitmap
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
SHGetFileInfoA
DragQueryFileA
DragFinish
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
gdiplus
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdiplusShutdown
ws2_32
ntohl
gethostname
ioctlsocket
listen
closesocket
freeaddrinfo
getsockopt
setsockopt
WSAIoctl
__WSAFDIsSet
accept
socket
select
gethostbyname
htonl
htons
inet_addr
bind
WSAGetLastError
getsockname
getpeername
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
WSACleanup
WSAStartup
ntohs
getaddrinfo
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
CryptGetHashParam
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegEnumKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CryptDestroyHash
CryptEncrypt
CryptImportKey
CryptHashData
CryptCreateHash
CryptDestroyKey
ole32
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleGetClipboard
DoDragDrop
OleLockRunning
CreateStreamOnHGlobal
CoInitialize
OleDuplicateData
ReleaseStgMedium
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
oleaut32
SysAllocString
VarBstrFromDate
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
wldap32
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord41
ord46
crypt32
CertFreeCertificateContext
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cv#@!@# Size: 782KB - Virtual size: 781KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 133KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ