1dfad4bbd89f5e644090aee24d19ddf0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1dfad4bbd89f5e644090aee24d19ddf0_NeikiAnalytics.exe
Size

4.4MB
MD5

1dfad4bbd89f5e644090aee24d19ddf0
SHA1

f37c04262e9ad96003d9b5dc0758ce2d00024b6c
SHA256

a2896d8b147df627e843adb1e2441d87372cf17ef896da3afceca574a2aeb668
SHA512

de71077aec158de1a9571a084f03e469c807511a29594a3e6c18e2adb345fb8bc066dd31cc3ef5b56a3561a7a69aceaf3bb073850f55ba8c3af41d3df8a4244a
SSDEEP

98304:Yg2iTMhIcGBhACE8WGTvksuE1sVzioKTPMM6k0VslN:Yg2iTMhIcuACE8WGjksoKplN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1dfad4bbd89f5e644090aee24d19ddf0_NeikiAnalytics.exe

Files

1dfad4bbd89f5e644090aee24d19ddf0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

a343eaca8fc8bef177e4242dfb33c316

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\Projects\S08-S12\Development Release\Game.pdb

Imports

kernel32

SetLastError
GetModuleHandleW
GetModuleFileNameW
GetLastError
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableA
GetProcessHeap
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleA
GetExitCodeProcess
CreatePipe
IsValidLocale
GetUserDefaultLCID
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetCurrentDirectoryA
GetCurrentDirectoryA
FindClose
FindNextFileW
FindFirstFileW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
MultiByteToWideChar
GetVersionExW
LocalFree
ReadFile
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
GetTickCount
GetFileTime
Sleep
SetEvent
SetThreadPriority
CreateThread
CreateEventW
WaitForSingleObject
SetThreadAffinityMask
GetCurrentThread
SetProcessAffinityMask
GetProcessAffinityMask
GetCurrentProcess
CreateMutexW
WaitForMultipleObjects
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
FreeLibrary
GetProcAddress
GetComputerNameW
GetPrivateProfileStringW
WriteFile
GetCurrentProcessId
CreateFileA
CreateFileMappingA
CreateEventA
GetLocalTime
ResetEvent
InterlockedDecrement
CreateDirectoryW
FormatMessageW
CopyFileW
CompareFileTime
GetSystemInfo
LoadLibraryA
GetModuleHandleA
DeleteFileA
GetVersionExA
GetModuleFileNameA
FormatMessageA
GetTimeFormatA
GetDateFormatA
GetSystemTime
lstrcmpiA
InterlockedExchangeAdd
InterlockedExchange
InterlockedIncrement
GetStringTypeW
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetLocaleInfoA
EnumSystemLocalesA
LCMapStringA
GetStringTypeA
GetFileType
SetFilePointer
SetEndOfFile
RtlUnwind
GetFileAttributesW
RaiseException
GetFileAttributesA
HeapAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
WriteConsoleW
GetStdHandle
HeapReAlloc
ExitThread
ResumeThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
LockFile
UnlockFile
CreateDirectoryA
FindNextFileA
ExitProcess
GetSystemTimeAsFileTime
MoveFileA
CreateProcessA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
SetHandleCount
SetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
VirtualFree
VirtualAlloc
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameA
RemoveDirectoryA

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW
ShellExecuteW

ole32

CoCreateGuid
CoCreateInstance
CoInitialize

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

ddraw

DirectDrawCreateEx

ws2_32

WSAGetLastError
WSAStartup
WSASend
socket
closesocket
WSACloseEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
connect
WSAAsyncGetHostByName
WSACancelAsyncRequest
WSARecv
WSAEventSelect
WSACreateEvent
htons
WSACleanup

shlwapi

PathFileExistsW
PathAppendW
PathIsRelativeW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

user32

GetClientRect
ScreenToClient
GetCursorPos
AdjustWindowRect
SystemParametersInfoW
EnumDisplaySettingsExW
ClientToScreen
EndPaint
BeginPaint
SetForegroundWindow
ShowWindow
GetWindowPlacement
DefWindowProcW
OffsetRect
SetCursor
LoadCursorW
UnregisterClassW
DestroyWindow
SetWindowTextW
CreateWindowExW
SetWindowPos
SetWindowLongW
RegisterClassW
PtInRect
DispatchMessageW
TranslateMessage
PeekMessageW
SetCursorPos
GetAsyncKeyState
ClipCursor
SetCapture
RegisterWindowMessageW
PostMessageW
EmptyClipboard
SetClipboardData
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
MessageBoxW
LoadIconW
MessageBoxA
ReleaseCapture

comdlg32

ChooseColorW

advapi32

FreeSid
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 515KB - Virtual size: 514KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 306KB - Virtual size: 33.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a343eaca8fc8bef177e4242dfb33c316

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

ole32

winmm

ddraw

ws2_32

shlwapi

rpcrt4

user32

comdlg32

advapi32

oleaut32

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 515KB - Virtual size: 514KB

.data Size: 306KB - Virtual size: 33.8MB

STLPORT_ Size: 512B - Virtual size: 32B

.rsrc Size: 154KB - Virtual size: 154KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 515KB - Virtual size: 514KB

.data
Size: 306KB - Virtual size: 33.8MB

STLPORT_
Size: 512B - Virtual size: 32B

.rsrc
Size: 154KB - Virtual size: 154KB