Static task: static1
Behavioral task: behavioral1
Sample: 864cb91ce9614ba50ebf3f60c67d0070_NeikiAnalytics.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 864cb91ce9614ba50ebf3f60c67d0070_NeikiAnalytics.exe
Resource: win10v2004-20240611-en
General
Target: 864cb91ce9614ba50ebf3f60c67d0070_NeikiAnalytics.exe
Size: 880KB
MD5: 864cb91ce9614ba50ebf3f60c67d0070
SHA1: 93677521d64ee8267975d0416c7c022d35c49a64
SHA256: 521fa0a9669a3664722e486778cc8866c7b25cc7f4e8e044836bc8619eaf275c
SHA512: 44c2a00fa51fcc3d7cb3caca2fe831585a6f6cf4daad63c61adc21ff70d2d384f229dbea1f62ba4f5c017ee170f0984ef20e154ef010bf9d4bf9ea6a778be5af
SSDEEP: 12288:kEIGTHN1lwpBuDiiTqmqxQEjVSYFqDT2rxnv5tdEqFDUYkPJ:kEIGTHN1lwpqiiTjiYJqrxnv5vEqmh
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 864cb91ce9614ba50ebf3f60c67d0070_NeikiAnalytics.exe
Files
864cb91ce9614ba50ebf3f60c67d0070_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
dab93da1ba4af1f447b0e31b1fd21085
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessVersion
GlobalFlags
GetFileTime
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
RaiseException
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
SetHandleCount
GetStdHandle
SetStdHandle
TlsGetValue
ExitThread
GetACP
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadCodePtr
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
PeekNamedPipe
GetFileInformationByHandle
GetProfileStringA
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
MoveFileA
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpynA
SetLastError
CreateEventA
SetThreadPriority
ResumeThread
SetEvent
FormatMessageA
LocalFree
ReadFile
SetEndOfFile
SetFilePointer
GetFileSize
GetFileType
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
InterlockedExchangeAdd
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringA
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
GlobalReAlloc
LCMapStringA
LCMapStringW
SetProcessWorkingSetSize
CreateMutexA
GetOEMCP
SizeofResource
GetPrivateProfileStringA
MulDiv
GetUserDefaultLangID
GetPrivateProfileIntA
FindFirstFileA
FindClose
TerminateProcess
CreateFileMappingA
MapViewOfFile
CreateRemoteThread
FlushInstructionCache
VirtualFreeEx
VirtualAllocEx
OpenProcess
UnmapViewOfFile
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WriteFile
SuspendThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentThread
GlobalMemoryStatus
GetProcessWorkingSetSize
GetSystemInfo
IsBadReadPtr
CreateDirectoryA
GetLocalTime
GetModuleFileNameA
SetUnhandledExceptionFilter
LoadLibraryA
VirtualProtect
GetCurrentProcess
ReadProcessMemory
WriteProcessMemory
lstrcmpA
lstrcpyA
CopyFileA
WritePrivateProfileStringA
GetFileAttributesA
GetLastError
CreateProcessA
WaitForSingleObject
FreeLibrary
ExitProcess
WinExec
lstrcatA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetVersion
GetVersionExA
GetProcAddress
CreateFileA
CloseHandle
GetModuleHandleA
CreateThread
GetTickCount
user32
PostThreadMessageA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
wvsprintfA
EndDialog
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
IsWindowEnabled
MoveWindow
IsDialogMessageA
SetRectEmpty
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
GetWindowPlacement
IntersectRect
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
SetWindowsHookExA
DestroyWindow
RegisterClassExA
CreateWindowExA
PeekMessageA
ScreenToClient
PtInRect
LockWindowUpdate
SetWindowLongA
GetFocus
LoadCursorA
ShowWindow
CheckMenuItem
IsWindowVisible
IsIconic
DrawIcon
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
CopyRect
UnregisterClassA
HideCaret
ShowCaret
RegisterHotKey
GetClassInfoA
SetActiveWindow
SetParent
FindWindowA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
LoadMenuA
SetMenuDefaultItem
IsWindow
LoadIconA
GetDlgCtrlID
SetWindowTextA
EnumChildWindows
LoadStringA
GetDCEx
GetNextDlgGroupItem
CopyAcceleratorTableA
SetCapture
CharNextA
CheckMenuRadioItem
GetClassNameA
MessageBeep
CharUpperA
KillTimer
SetTimer
WaitForInputIdle
MessageBoxA
RegisterWindowMessageA
wsprintfA
EnableWindow
FrameRect
LoadImageA
DrawStateA
OffsetRect
GetClientRect
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetSysColor
SystemParametersInfoA
DestroyIcon
DefWindowProcA
RegisterClipboardFormatA
DrawIconEx
ReleaseDC
DrawTextA
GetDC
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
LoadBitmapA
TabbedTextOutA
GrayStringA
GetSubMenu
DestroyCursor
GetWindowLongA
SendMessageA
IsMenu
ReleaseCapture
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
gdi32
CreatePatternBrush
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
StretchDIBits
CreateFontA
LPtoDP
GetTextMetricsA
GetTextColor
GetBkColor
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetCharWidthA
GetDeviceCaps
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateICA
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
PatBlt
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
BitBlt
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
GetTextExtentPointA
CreateDIBitmap
CreateSolidBrush
CreatePen
GetBkMode
SetViewportOrgEx
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
shell32
Shell_NotifyIconA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteA
comctl32
ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
ord17
oledlg
ord8
ole32
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries
olepro32
ord253
oleaut32
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantClear
VariantCopy
VariantChangeType
SysAllocStringLen
SysAllocString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SafeArrayDestroy
ws2_32
ioctlsocket
accept
listen
shutdown
getsockname
getpeername
WSAAsyncGetHostByName
recv
WSACancelAsyncRequest
bind
WSAAsyncSelect
ntohs
WSASetLastError
WSAGetLastError
WSACleanup
inet_ntoa
gethostbyname
inet_addr
send
connect
htons
socket
closesocket
setsockopt
WSAStartup
vmprotectsdk32
VMProtectDecryptStringA
winmm
PlaySoundA
Sections
.text Size: 596KB - Virtual size: 593KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 92KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
STLPORT_ Size: 4KB - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 144KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ