cd5bdd48ab5ae1d9812255497a0662c0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cd5bdd48ab5ae1d9812255497a0662c0_NeikiAnalytics.exe
Size

912KB
MD5

cd5bdd48ab5ae1d9812255497a0662c0
SHA1

28ccecfc90c1d632ccdffb64dc6b3b62bbbb6546
SHA256

97e7554fe6fd3729c9433c1dffb59d231ceb562702668d1a162eba6cae2b0c97
SHA512

87a5d14ad1e10328b90633967f8c277234c4f99598a2a252f688580c75b0fd18982108abfdf852bd64684baf0f7ab4ea9827d59577c374477ec1773d930b2bab
SSDEEP

12288:Iae5LE9jLwEurbHo4AURuS5u/0QKjrCJhl6RUSunLBDeTcEjXs1BX54tX9+XSXlw:ALE9jLwnAURuSI/tKjYznLBDe6436Qf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd5bdd48ab5ae1d9812255497a0662c0_NeikiAnalytics.exe

Files

cd5bdd48ab5ae1d9812255497a0662c0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

d072198fcd5176b84847adb685de4726

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

hid

HidD_GetAttributes
HidD_GetProductString
HidD_GetSerialNumberString
HidD_GetManufacturerString
HidD_GetHidGuid
HidD_GetPreparsedData
HidP_GetCaps
HidP_GetSpecificValueCaps
HidD_FreePreparsedData

kernel32

IsBadStringPtrA
IsBadWritePtr
IsBadReadPtr
GlobalFlags
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
ExitProcess
TerminateProcess
RaiseException
HeapFree
HeapAlloc
GetStartupInfoA
FlushFileBuffers
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
HeapSize
GetACP
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
InterlockedExchange
SetFilePointer
ReadFile
GetCurrentProcess
GetModuleFileNameA
lstrcmpA
GetCurrentThread
SetLastError
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalFree
GetStdHandle
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ReadFileEx
SleepEx
CreateEventA
ResetEvent
GetProcAddress
GetLogicalDriveStringsA
GetVolumeInformationA
GetCurrentDirectoryA
GetLastError
GetWindowsDirectoryA
SetCurrentDirectoryA
DeviceIoControl
GetSystemDirectoryA
LoadLibraryA
FreeResource
FreeLibrary
GetDriveTypeA
GetCurrentThreadId
GetCurrentProcessId
CreateThread
GetExitCodeThread
lstrcpyA
LocalFree
WriteFile
MultiByteToWideChar
DeleteFileA
GetTempPathA
GetPrivateProfileStringA
WritePrivateProfileStringA
FindResourceExA
WideCharToMultiByte
GetUserDefaultLangID
EnumResourceLanguagesA
EnumSystemLocalesA
CreateFileA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
CopyFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetVersionExA
ReleaseMutex
OutputDebugStringA
CreateMutexA
WaitForSingleObject
CloseHandle
Sleep
GetTickCount
SetEndOfFile
lstrcpynA
GetCommandLineA

user32

IsDialogMessageA
SetWindowTextA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
ValidateRect
TranslateMessage
GetMessageA
InflateRect
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
WinHelpA
wsprintfA
GetClassInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
GetDlgItem
IsWindowEnabled
DefWindowProcA
RegisterClassA
SetWindowLongA
RegisterDeviceNotificationA
PeekMessageA
UnregisterClassA
UnregisterDeviceNotification
IsWindow
FindWindowExA
CreateDialogIndirectParamA
ShowWindow
DestroyWindow
GetDesktopWindow
IsWindowVisible
PtInRect
GetFocus
GetWindowTextA
EnumWindows
SetCursor
FillRect
RedrawWindow
UpdateWindow
LoadBitmapA
GetNextDlgGroupItem
PostMessageA
ReleaseCapture
InvalidateRect
ClientToScreen
GetDC
SetWindowRgn
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode
GetCapture
GetCursorPos
WindowFromPoint
DrawEdge
OffsetRect
DrawFocusRect
GetWindowLongA
GetSysColor
GrayStringA
DrawTextA
TabbedTextOutA
GetParent
GetWindowRect
GetClassNameA
FindWindowA
SetWindowPos
SetForegroundWindow
MessageBoxA
EnableWindow
PostQuitMessage
KillTimer
IsIconic
SendMessageA
LoadIconA
SetTimer
DrawIcon
GetClientRect
GetSystemMetrics
CreateWindowExA

gdi32

GetPixel
GetTextExtentPoint32A
CreateSolidBrush
CreateFontIndirectA
SetViewportOrgEx
GetViewportOrgEx
Rectangle
GetDeviceCaps
CreateICA
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
CreateRectRgn
SetTextAlign
PatBlt
CombineRgn
SelectClipRgn
GetBitmapDimensionEx
StretchBlt
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
GetMapMode
DPtoLP
GetBkColor
BitBlt
CreateCompatibleDC
GetTextExtentPointA
CreateCompatibleBitmap
CreateBitmap
SelectObject
DeleteObject
CreateDIBitmap
DeleteDC

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

_TrackMouseEvent
ord17

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal

olepro32

ord251

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 564KB - Virtual size: 562KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d072198fcd5176b84847adb685de4726

Headers

File Characteristics

Imports

shell32

version

hid

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

olepro32

oleaut32

Sections

.text Size: 564KB - Virtual size: 562KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 36KB - Virtual size: 54KB

.rsrc Size: 220KB - Virtual size: 216KB

.text
Size: 564KB - Virtual size: 562KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 36KB - Virtual size: 54KB

.rsrc
Size: 220KB - Virtual size: 216KB