477b413e5594c59fd24032179e9c6c60_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

477b413e5594c59fd24032179e9c6c60_NeikiAnalytics.exe
Size

1.1MB
MD5

477b413e5594c59fd24032179e9c6c60
SHA1

4cdebcd8cc7337158695059c2cc83bb0ae8b9a33
SHA256

c487ddd4a77b83b4041c921c89477f3657410c25b9c82aed409bbbe193150e74
SHA512

c583f2ea3e42dc3a3515f8b5d0bc3ff0bbf6365b5591819d20a5a8dff7eac87de8e253b499ff45e0fe874ad23837c7f2f248fa875b44b618f2bcab02be980b39
SSDEEP

12288:j147KkVjJhfKpMHBKpeTWAh1BPk7L1YteB+kofkHp0O3/RzMccafivY6PjU/9bp:p57MM9qIxw6p0O3/RzyLY6o/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
477b413e5594c59fd24032179e9c6c60_NeikiAnalytics.exe

Files

477b413e5594c59fd24032179e9c6c60_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

28334e042fe10f44115b63006ccc0d6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

efmmres

r

user32

SetWindowLongA
GetMenu
DeleteMenu
EndDialog
WinHelpA
GetDesktopWindow
OemToCharBuffA
DestroyIcon
SendMessageA
GetWindowLongA
ScreenToClient
GetCursorPos
SetWindowPos
GetScrollInfo
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
IsDialogMessageA
DispatchMessageA
SetForegroundWindow
GetDlgItemInt
SetDlgItemInt
SetCursor
CheckMenuRadioItem
ReleaseCapture
SetCapture
GetForegroundWindow
UnhookWindowsHookEx
PostQuitMessage
RegisterWindowMessageA
SetWindowsHookExA
EnableMenuItem
CallNextHookEx
GetDlgItem
IsIconic
OpenClipboard
GetClipboardData
CloseClipboard
CreateAcceleratorTableA
DestroyAcceleratorTable
VkKeyScanA
GetWindowRect
GetDC
ReleaseDC
RegisterClassExA
UnregisterClassA
GetClassInfoExA
CreateWindowExA
FindWindowA
SetWindowTextA
DestroyWindow
GetWindowTextA
GetWindowTextLengthA
GetClassLongA
SetClassLongA
PostMessageA
InvalidateRect
DrawTextA
DrawIconEx
ShowWindow
EnableWindow
IsWindow
IsWindowVisible
SetFocus
MessageBeep
MessageBoxA
DialogBoxParamA
CheckMenuItem
TrackPopupMenuEx
GetSystemMetrics
GetMenuItemInfoA
FillRect
IsWindowEnabled
LoadImageA
LoadIconA
LoadBitmapA
UpdateWindow
SetMenuItemInfoA
GetMenuItemCount
DrawStateA
InsertMenuItemA
GetWindow
GetTopWindow
CharUpperBuffA
CharLowerBuffA
CharLowerA
CharUpperA
WindowFromPoint
DrawFocusRect
DrawFrameControl
FrameRect
GetSysColorBrush
GetSysColor
GetMessageTime
ExitWindowsEx
GetWindowPlacement
SetWindowPlacement
BringWindowToTop
SetActiveWindow
GetActiveWindow
SetClipboardData
KillTimer
DefWindowProcA
BeginPaint
EndPaint
GetParent
SetTimer
MoveWindow
LoadCursorA
SystemParametersInfoA
GetWindowThreadProcessId
EmptyClipboard
GetFocus
CreateMenu
SetMenu
IsMenu
DestroyMenu
CreatePopupMenu
CallWindowProcA
GetClientRect

gdi32

GetTextMetricsA
CreatePen
GetStockObject
BitBlt
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
MoveToEx
LineTo
SetBkMode
GetDeviceCaps
SetTextColor
DeleteObject
GetObjectA
Rectangle
CreateFontIndirectA
SetBkColor

shell32

SHGetDesktopFolder
SHGetDataFromIDListA
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
ShellExecuteExA
SHGetPathFromIDListA
Shell_NotifyIconA
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation

ole32

OleUninitialize
OleInitialize
CoCreateInstance

comdlg32

ChooseFontA
ChooseColorA
FindTextA
GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_Destroy
ImageList_GetIcon
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Draw
CreateToolbarEx
ImageList_SetOverlayImage
ord17
ImageList_Create
ImageList_SetBkColor
ImageList_ReplaceIcon

wsock32

sendto
accept
bind
listen
htons
connect
getsockname
closesocket
shutdown
recv
send
inet_ntoa
select
inet_addr
recvfrom
ntohs
WSAGetLastError
setsockopt
gethostbyaddr
gethostbyname
ioctlsocket
socket
WSAStartup
WSACleanup

winmm

PlaySoundA

kernel32

GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
GetStringTypeW
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
LCMapStringA
TlsAlloc
HeapSize
GetVersion
GetCommandLineA
GetStartupInfoA
HeapReAlloc
ExitThread
TlsGetValue
FreeEnvironmentStringsW
GetStringTypeA
TlsSetValue
ResumeThread
ExitProcess
HeapAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
RtlUnwind
GetLocaleInfoA
GetSystemDefaultLangID
TerminateProcess
OpenProcess
FormatMessageA
LocalFree
GetLastError
GlobalAlloc
GetTempPathA
DeviceIoControl
GetVersionExA
SetLastError
GetDiskFreeSpaceA
GetTickCount
GetModuleFileNameA
GetLocalTime
CreateDirectoryA
SetCurrentDirectoryA
RemoveDirectoryA
DeleteFileA
CopyFileA
SetFileTime
MoveFileA
MoveFileExA
SetErrorMode
CreateMutexA
Sleep
GetCurrentProcessId
FileTimeToSystemTime
SystemTimeToFileTime
GlobalUnlock
GlobalLock
SetThreadPriority
GetCurrentThread
GetProcessVersion
CreateProcessA
GetModuleHandleA
GetCurrentThreadId
GetTimeFormatA
GetDateFormatA
GetVolumeInformationA
FreeLibrary
SetEvent
lstrcpyA
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
SetFileAttributesA
GetCurrentDirectoryA
GetFullPathNameA
GetFileInformationByHandle
CreateFileA
CloseHandle
ReadFile
WriteFile
FindClose
FindNextFileA
FindFirstFileA
GetFileSize
SetFilePointer
SetEndOfFile
FileTimeToLocalFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
ExpandEnvironmentStringsA
WideCharToMultiByte
MultiByteToWideChar
CompareStringA
CompareStringW
VirtualProtect
GetWindowsDirectoryA
GetCurrentProcess
MulDiv
CreateThread

advapi32

InitiateSystemShutdownA
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

Sections

.text
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 804KB - Virtual size: 802KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28334e042fe10f44115b63006ccc0d6d

Headers

File Characteristics

Imports

efmmres

user32

gdi32

shell32

ole32

comdlg32

comctl32

wsock32

winmm

kernel32

advapi32

Sections

.text Size: 288KB - Virtual size: 286KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 28KB - Virtual size: 47KB

.rsrc Size: 804KB - Virtual size: 802KB

.text
Size: 288KB - Virtual size: 286KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 28KB - Virtual size: 47KB

.rsrc
Size: 804KB - Virtual size: 802KB