9ef5d461a2f55170d4860353236ea570_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9ef5d461a2f55170d4860353236ea570_NeikiAnalytics.exe
Size

179KB
MD5

9ef5d461a2f55170d4860353236ea570
SHA1

ee319138ef619bbc7906e60ed1cf3ee569aee42c
SHA256

6351f48f5701d51d373cabe962bd66bc9fe17a80a4ec787f3d6588e472f0a515
SHA512

84c74c2bbed9eed44bc4068e6abee671b19518301149a245922a88afe18264dfbc1eadf25108d816bb4c1ea6326adda0a46940507f91359ae7b8e3d1353527aa
SSDEEP

3072:bHvpCthqareYXvZRMdNK1LkkLvwKJj/mvQBBhPjA:DvpIhqareWBgELJ/mv+BhP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ef5d461a2f55170d4860353236ea570_NeikiAnalytics.exe

Files

9ef5d461a2f55170d4860353236ea570_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

6b2cfae71146db849afa8e88181f0b02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetConsoleSelectionInfo
EnumDateFormatsExA
EnumDateFormatsW
IsBadHugeWritePtr
GetVolumeInformationA
CreateDirectoryExA
CreateFileMappingA
CreateSemaphoreW
GetTapeParameters
TransmitCommChar
SetCommMask
GetCommProperties
GetCommMask
GlobalFree
GlobalReAlloc
GlobalAlloc
LoadLibraryExW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
CreateFileMappingW
GetTickCount
CreateThread
SignalObjectAndWait
Sleep
CreateEventW
CreateMutexA
WaitForSingleObject
ReleaseMutex
ResetEvent
GetOverlappedResult
WaitNamedPipeW
CreateNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
GetLastError
CloseHandle
WriteFileEx
SetFilePointer
ReadFile
GetFileSize
DefineDosDeviceW
CreateFileW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead

gdi32

CreateFontA
CreateDCA
CreateBitmapIndirect
CreatePalette
CreateRectRgnIndirect
DeleteDC
DeleteObject
GetMetaFileBitsEx
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetRegionData
CreateFontIndirectExA
RectInRegion
SetMetaFileBitsEx
SetPaletteEntries
CopyEnhMetaFileA
CreateEnhMetaFileA
DeleteEnhMetaFile
GetEnhMetaFileA
GetEnhMetaFileHeader
GetEnhMetaFilePixelFormat
DeleteColorSpace
CreateColorSpaceW
UnrealizeObject
CreateICA

imm32

ImmGetDescriptionA
ImmIsIME
ImmCreateContext
ImmDestroyContext
ImmGetCompositionStringA
ImmSetCompositionStringA
ImmGetCandidateListCountA
ImmGetCandidateListW
ImmGetGuideLineW
ImmInstallIMEA
ImmGetCompositionFontW
ImmGetConversionListA
ImmGetConversionListW
ImmNotifyIME
ImmGetCandidateWindow
ImmSetCandidateWindow
ImmRegisterWordW
ImmUnregisterWordW
ImmGetImeMenuItemsA
ImmGetCompositionFontA

winmm

joyGetDevCapsA
joyGetNumDevs
timeEndPeriod
timeBeginPeriod
mixerGetLineControlsW
mixerGetID
mixerClose
mixerOpen
mixerGetNumDevs
midiInGetID
midiInGetErrorTextW
midiInGetErrorTextA
midiOutGetID
midiOutClose
midiOutOpen
midiOutGetErrorTextW
midiOutGetErrorTextA
midiOutGetDevCapsA
midiConnect
mciGetDeviceIDA
mciGetDeviceIDW
mciGetCreatorTask
mmioOpenW
mmioClose
mmioRead
mmioSetBuffer
waveOutGetNumDevs
waveOutGetErrorTextA
waveOutGetID
waveInGetNumDevs
waveInGetErrorTextA
waveInGetID
midiOutGetNumDevs
midiDisconnect

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__C_specific_handler
memset
memmove
memcpy
__std_type_info_destroy_list
memchr
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memcmp

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_cexit
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_execute_onexit_table
_register_onexit_function
exit

api-ms-win-crt-string-l1-1-0

_strdup
isxdigit
strncpy
strncat
_wcsnicmp
wcsncpy
wcsncat
tolower
isspace

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
realloc
free

api-ms-win-crt-convert-l1-1-0

_itow
atof
atoi
strtoul
_itoa
_ltow
_ltoa
_ultoa

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-stdio-l1-1-0

_read
_open
_lseek
_close
__stdio_common_vfprintf
__acrt_iob_func
_wsopen_dispatch
_write

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

Exports

Exports

tls_value_list_free
valloc

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b2cfae71146db849afa8e88181f0b02

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

imm32

winmm

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 18KB

.pdata Size: 3KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 128B

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 18KB

.pdata
Size: 3KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 128B