Static task: static1
Behavioral task: behavioral1
Sample: 2d6fe71c4de5369c888708ac72660d50_NeikiAnalytics.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 2d6fe71c4de5369c888708ac72660d50_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 2d6fe71c4de5369c888708ac72660d50_NeikiAnalytics.exe
Size: 9.3MB
MD5: 2d6fe71c4de5369c888708ac72660d50
SHA1: 404ce65ebea97d0066baed7e9e2dd7bc29a63c0f
SHA256: 9237bcb39d0ad78cf21a3da9608fb62cb94ecc238b0585f45b583717e4aff11e
SHA512: 42a11ceed1229d8c09de647d920f8d4ab49db545d7ee826aaf5f0706a18a448b8a4d99767c7ae12add8e2a84f8b6b6ea7fd09910564728745d906dda70f9846d
SSDEEP: 98304:vf6AdJnsG/hM334c9fyDo9mXyJIrzyvHWbk/m6IskJa0hTMzy6dA7JjGdRiE:vf6AdNm334sy5miCzCGy6dA7KRiE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d6fe71c4de5369c888708ac72660d50_NeikiAnalytics.exe
Files
2d6fe71c4de5369c888708ac72660d50_NeikiAnalytics.exe.exe windows:5 windows x64 arch:x64
33824033fcd6ac1c9a3eb37f55b2351f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
efcwres
r
user32
DestroyIcon
GetWindowPlacement
GetDC
ReleaseDC
GetCursorPos
ScreenToClient
MoveWindow
FillRect
DefWindowProcW
SendMessageW
GetParent
BeginPaint
GetClientRect
EndPaint
CallWindowProcW
GetMessageW
IsDialogMessageW
TranslateMessage
LoadCursorW
SetWindowsHookExW
GetMessageTime
PostMessageW
SetMenuDefaultItem
IsClipboardFormatAvailable
AdjustWindowRect
UnhookWindowsHookEx
WinHelpW
FrameRect
PostQuitMessage
CreateCaret
ShowCaret
HideCaret
DestroyCaret
ScrollWindow
SetCaretPos
OemToCharBuffA
UpdateWindow
GetKeyState
InvalidateRect
CreateMenu
GetAsyncKeyState
RegisterWindowMessageW
SetCursorPos
ClientToScreen
SetScrollRange
SetScrollPos
KillTimer
InflateRect
SetClipboardData
MessageBeep
LoadBitmapW
GetDlgCtrlID
PtInRect
CharLowerBuffW
IsCharLowerW
CharUpperBuffW
SetCursor
DispatchMessageW
CreateDialogParamW
DestroyMenu
IsMenu
GetMenu
EndDialog
SetWindowPos
GetDesktopWindow
OemToCharBuffW
SetDlgItemInt
GetDlgItemInt
GetWindowRect
CharNextA
OemToCharA
CharLowerW
CharUpperW
CharToOemBuffW
CharPrevA
CharPrevExA
PostThreadMessageW
CreateIconFromResource
LookupIconIdFromDirectory
MapWindowPoints
GetWindow
GetTopWindow
SetWindowTextW
WaitMessage
MsgWaitForMultipleObjects
PeekMessageW
GetWindowLongPtrW
RegisterClassExW
UnregisterClassW
CloseClipboard
CreateWindowExW
SetWindowTextA
GetWindowTextW
GetWindowTextLengthW
SetWindowLongPtrW
GetClassLongPtrW
SetClassLongPtrW
DrawTextW
DrawIconEx
IsWindow
IsWindowVisible
SetFocus
MessageBoxW
MessageBoxA
GetClassInfoExW
DialogBoxParamW
CheckMenuItem
TrackPopupMenuEx
GetMenuItemInfoW
SetMenuItemInfoW
CharLowerA
CharUpperA
CharLowerBuffA
CharUpperBuffA
GetSysColorBrush
SetWindowPlacement
FindWindowW
ShowWindow
EnableWindow
DrawStateW
DrawFrameControl
GetForegroundWindow
ExitWindowsEx
BringWindowToTop
SetForegroundWindow
SetActiveWindow
IsIconic
CreateIconFromResourceEx
EnableMenuItem
GetScrollInfo
EmptyClipboard
SetScrollInfo
CheckMenuRadioItem
SetMenu
GetClassNameW
DestroyWindow
GetWindowLongW
SetWindowLongW
GetSysColor
GetSystemMetrics
SystemParametersInfoW
GetFocus
CharToOemBuffA
CharToOemA
IsWindowEnabled
InsertMenuItemW
InsertMenuW
GetMenuItemCount
VkKeyScanW
CallNextHookEx
GetWindowThreadProcessId
DrawEdge
RegisterClipboardFormatW
GetSystemMenu
DeleteMenu
LoadImageW
WindowFromPoint
ReleaseCapture
SetCapture
DestroyCursor
GetActiveWindow
CreatePopupMenu
SetTimer
DrawFocusRect
GetDlgItem
OpenClipboard
GetClipboardData
gdi32
Rectangle
MoveToEx
LineTo
CreatePen
CreateDIBSection
GetTextExtentPointA
TextOutA
GetEnhMetaFilePaletteEntries
PlayEnhMetaFile
DeleteEnhMetaFile
GetEnhMetaFileW
SetWinMetaFileBits
GetMetaFileBitsEx
DeleteMetaFile
CreateHalftonePalette
GetStockObject
ExtTextOutA
SetEnhMetaFileBits
GetEnhMetaFileHeader
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
StretchDIBits
RestoreDC
SetBkColor
SelectPalette
RealizePalette
SetStretchBltMode
StretchBlt
CreatePalette
SetBitmapDimensionEx
CreateCompatibleDC
BitBlt
GetDIBits
CreateCompatibleBitmap
SetDIBits
GetPaletteEntries
GetTextExtentPoint32W
SetMapMode
AbortDoc
GetTextMetricsW
StartPage
TextOutW
EndPage
EndDoc
DeleteDC
StartDocW
GetObjectW
CreateSolidBrush
SetDIBitsToDevice
CreateBrushIndirect
CreateFontIndirectW
SetTextColor
GetDeviceCaps
SetBkMode
DeleteObject
CreatePatternBrush
CreateBitmap
PatBlt
SelectObject
advapi32
SystemFunction036
RegEnumValueW
RegOpenKeyExW
RegEnumKeyW
GetUserNameW
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
SetFileSecurityW
GetFileSecurityW
RegDeleteKeyW
RegCreateKeyExW
InitiateSystemShutdownW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegCloseKey
shell32
SHGetSpecialFolderLocation
CommandLineToArgvW
SHGetMalloc
SHGetDataFromIDListW
ShellExecuteExW
DragFinish
DragQueryFileW
DragQueryPoint
DragAcceptFiles
SHGetPathFromIDListW
SHFormatDrive
SHGetFileInfoW
ord727
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteW
FindExecutableW
SHFileOperationW
ole32
OleSetClipboard
CoFreeUnusedLibraries
OleSetContainedObject
CoCreateInstance
CoSetProxyBlanket
ReleaseStgMedium
OleFlushClipboard
DoDragDrop
CoLockObjectExternal
RegisterDragDrop
OleInitialize
OleUninitialize
RevokeDragDrop
comdlg32
PrintDlgW
ChooseColorW
GetOpenFileNameW
GetSaveFileNameW
FindTextW
ReplaceTextW
ChooseFontW
comctl32
InitCommonControlsEx
ord17
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_Draw
ImageList_AddMasked
ImageList_Create
ImageList_DrawEx
ImageList_Remove
ImageList_GetIconSize
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Add
mpr
WNetDisconnectDialog
WNetConnectionDialog
WNetGetConnectionW
WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum
wsock32
htonl
sendto
recvfrom
ioctlsocket
closesocket
inet_addr
recv
send
inet_ntoa
select
setsockopt
shutdown
socket
gethostbyname
gethostbyaddr
htons
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
winmm
waveOutWrite
waveOutRestart
waveOutReset
waveOutPause
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutSetVolume
waveOutUnprepareHeader
waveOutGetVolume
setupapi
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Request_Device_EjectW
CM_Query_And_Remove_SubTreeW
CM_Get_Parent
SetupDiDestroyDeviceInfoList
kernel32
GetFileSize
DeleteFileA
SetFileAttributesA
GetCurrentDirectoryA
CreateDirectoryA
GetFileAttributesA
VirtualAlloc
VirtualFree
GetLargePageMinimum
CompareFileTime
GetSystemInfo
SetThreadAffinityMask
IsProcessorFeaturePresent
GetFileInformationByHandle
FindCloseChangeNotification
GetLogicalDriveStringsW
GetModuleHandleA
GetWindowsDirectoryW
GetTempPathW
WaitForMultipleObjects
EnumResourceTypesW
LoadLibraryExW
ReleaseMutex
GetCommandLineW
GlobalFree
UnmapViewOfFile
FindNextChangeNotification
VirtualProtect
QueryPerformanceFrequency
FormatMessageW
OpenProcess
GetSystemDefaultLangID
MapViewOfFile
CreateFileMappingW
AreFileApisANSI
GetLongPathNameW
GetShortPathNameW
CreateHardLinkW
CreateDirectoryW
SetEvent
GetFullPathNameW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
GetFileTime
ResetEvent
ReleaseSemaphore
CreateSemaphoreW
CreateEventW
GetBinaryTypeW
FindFirstFileExW
GetLogicalDrives
ExpandEnvironmentStringsW
SetVolumeLabelW
SetLocalTime
lstrlenA
GlobalSize
CreateFileMappingA
SetEnvironmentVariableW
SetCurrentDirectoryA
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
GetExitCodeProcess
FindFirstChangeNotificationW
GetSystemDirectoryW
SetThreadExecutionState
FoldStringW
GetCurrentDirectoryW
GetProcessAffinityMask
InitializeCriticalSection
IsDBCSLeadByte
FindClose
LoadLibraryW
ExpandEnvironmentStringsA
SetEnvironmentVariableA
CreateFileA
SetEndOfFile
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetLocaleInfoW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
EnterCriticalSection
Sleep
FreeLibrary
GlobalMemoryStatus
DeviceIoControl
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
FileTimeToSystemTime
GetTickCount
GetProcAddress
EnumResourceNamesW
SetErrorMode
GetModuleFileNameW
GetSystemTime
GlobalUnlock
GlobalLock
CreateMutexW
GetVersionExW
GetDiskFreeSpaceW
SetLastError
SearchPathW
LoadResource
SizeofResource
FindResourceW
GetCurrentProcessId
GetTimeFormatW
GetDateFormatW
CompareStringA
CompareStringW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
MulDiv
GetVolumeInformationW
HeapAlloc
GetProcessHeap
HeapFree
DosDateTimeToFileTime
FileTimeToDosDateTime
CreateFileW
GetDriveTypeW
ReadFile
SetFilePointer
WriteFile
LocalFree
LocalAlloc
GetUserDefaultLangID
GetStartupInfoW
FileTimeToLocalFileTime
SetThreadPriority
GetCurrentThread
GetModuleHandleW
WaitForSingleObject
CopyFileW
SetFileTime
SetCurrentDirectoryW
MoveFileW
MoveFileExW
CreateProcessW
GlobalAlloc
GetProcessVersion
GetCurrentThreadId
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
HeapReAlloc
ExitProcess
ExitThread
CloseHandle
ResumeThread
CreateThread
GetCommandLineA
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlCaptureContext
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
RtlVirtualUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSetInformation
HeapCreate
DeleteCriticalSection
LeaveCriticalSection
CreateProcessA
ws2_32
WSAGetLastError
ntohl
bind
listen
connect
gethostname
accept
ntohs
getsockname
WSACleanup
WSAStartup
oleaut32
SysAllocString
VariantInit
VariantCopy
SysAllocStringLen
SysStringLen
VariantClear
SysFreeString
DispGetParam
msvfw32
MCIWndCreateW
Sections
.text Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 947KB - Virtual size: 946KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 164KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 252KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ