Static task
static1
Behavioral task
behavioral1
Sample
891516e94675f0dec9db8fc0b0fdc920_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
891516e94675f0dec9db8fc0b0fdc920_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
Target
891516e94675f0dec9db8fc0b0fdc920_NeikiAnalytics.exe
Size
452KB
MD5
891516e94675f0dec9db8fc0b0fdc920
SHA1
7be7727c42f4544924d4163d5702b842780c5f8b
SHA256
90d3aca569ef1c2016becc7822674ff46ce992af10b7953c167ab66cf278331f
SHA512
1a7b9ebe97cbd326cf58a1ac7608d21e4b1c1a9c2674b5508592b89baa3ac7645806ee1138cbf71fcbdb1a06ea60a3e7a6a3b9ba99a6f81f6e2b3aafc71b8b68
SSDEEP
6144:sUg+uyrx62xQdGKgIR5EqRc4L0sNpVb6BH2zy7bprTXIp2x8tngPI3:/DImIR5Ekc4Aovu2GHpHg2x8qs
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 891516e94675f0dec9db8fc0b0fdc920_NeikiAnalytics.exe
Files
891516e94675f0dec9db8fc0b0fdc920_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
47562fce935cc9867c80774ec2d7c625
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetShortPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
CreateThread
ExitThread
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
GetSystemTime
FatalAppExitA
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetThreadLocale
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
Sleep
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
InterlockedExchange
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
FormatMessageA
LocalFree
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrcpyA
lstrlenA
GlobalLock
lstrcpynA
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
GetSystemTimeAsFileTime
GetLocalTime
FindFirstFileA
GetVersionExA
FindClose
user32
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
GetWindowTextA
GetWindowTextLengthA
SetWindowPlacement
TrackPopupMenu
RegisterClassA
IsChild
MessageBoxA
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
GetClientRect
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
DispatchMessageA
GetSysColor
MapWindowPoints
SendDlgItemMessageA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ShowOwnedPopups
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
CharToOemA
OemToCharA
WaitMessage
GetClassNameA
PtInRect
ClientToScreen
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
LoadStringA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
InsertMenuA
DeleteMenu
GetMenuStringA
CharUpperA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
UpdateWindow
GetMenuItemCount
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
GetDesktopWindow
GetWindow
IsWindowEnabled
SendMessageA
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
EnableWindow
CloseWindow
DdeDisconnect
DdeSetUserHandle
DdeQueryConvInfo
DdeReconnect
DdeQueryStringA
DdeKeepStringHandle
DdeFreeStringHandle
DdeFreeDataHandle
DdeCreateDataHandle
DdeCreateStringHandleA
DdeGetLastError
DdeEnableCallback
DdePostAdvise
DdeNameService
DdeUninitialize
DdeInitializeA
DdeAccessData
DdeUnaccessData
IsWindow
PostQuitMessage
SetTimer
KillTimer
GetSubMenu
UnregisterClassA
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
CreateBitmap
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
SetMapMode
SetColorAdjustment
SetROP2
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PolylineTo
SetStretchBltMode
GetObjectA
SetBkColor
SetTextColor
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
GetDeviceCaps
PolyBezierTo
GetDCOrgEx
GetClipBox
DeleteObject
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ReportEventA
DeregisterEventSource
RegisterEventSourceA
RegOpenKeyA
shell32
SHGetFileInfoA
DragAcceptFiles
DragFinish
DragQueryFileA
comctl32
ord17
wsock32
closesocket
WSAGetLastError
socket
connect
htons
ioctlsocket
recv
send
WSAAsyncSelect
WSACleanup
WSASetLastError
inet_addr
ntohs
getpeername
getsockname
accept
bind
htonl
gethostbyname
inet_ntoa
recvfrom
sendto
WSAStartup
Sections
.text Size: 360KB - Virtual size: 358KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ