05d488d5942b3aabd5c9b6ec123be44f7507e0f797fe0a0a0055ed674ae4ceca_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

05d488d5942b3aabd5c9b6ec123be44f7507e0f797fe0a0a0055ed674ae4ceca_NeikiAnalytics.exe
Size

2.3MB
MD5

0640f5e41455f92e59d61187123deb90
SHA1

1c87bf1dd72481c9703590ce4861ffd3f06025ad
SHA256

05d488d5942b3aabd5c9b6ec123be44f7507e0f797fe0a0a0055ed674ae4ceca
SHA512

cf8a5d24f555183098d15341ad6bc1df3b75c697109748bd41b074cabcd56bc6b9d4b3a7380b8315c74cb5784c95bba230da9a335b24965d380eb405e0673dc9
SSDEEP

24576:LjLjvckwu5ad0SuLGMInHnHQ6weQ5+1/YyY3S9OpztIBRyaTTinUYU4yNWYVHG0t:5hMYXyjOphI+aThHAYVHG0pX6w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05d488d5942b3aabd5c9b6ec123be44f7507e0f797fe0a0a0055ed674ae4ceca_NeikiAnalytics.exe

Files

05d488d5942b3aabd5c9b6ec123be44f7507e0f797fe0a0a0055ed674ae4ceca_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

3df0d6d7308a86b4e066a26b5ae67588

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

kernel32

GetSystemInfo
GlobalMemoryStatus
GetLastError
CreateMutexA
QueryPerformanceCounter
ReleaseMutex
QueryPerformanceFrequency
CreateThread
GetTickCount
Sleep
WriteFile
GetSystemTime
SetFilePointer
FileTimeToDosDateTime
GetFileTime
SetFileTime
DosDateTimeToFileTime
FormatMessageA
CreateDirectoryA
CopyFileA
MoveFileA
RemoveDirectoryA
DeleteFileA
FlushFileBuffers
FindFirstFileA
FindNextFileA
FindClose
CreateSemaphoreA
WaitForSingleObject
InterlockedDecrement
lstrcatA
GlobalFree
GlobalAlloc
InterlockedExchange
CreateEventA
SetThreadPriority
ExitThread
SetEvent
InterlockedIncrement
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
GetFullPathNameA
WideCharToMultiByte
lstrcmpiA
MapViewOfFile
CreateFileMappingA
CreateFileW
GetVersionExA
UnmapViewOfFile
HeapAlloc
GetProcessHeap
HeapFree
OutputDebugStringA
ReleaseSemaphore
MultiByteToWideChar
CloseHandle
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCurrentProcessId
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetPriorityClass
GetModuleHandleA
UnhandledExceptionFilter
GetDriveTypeA
GetModuleFileNameA
GetFileType
GetCurrentProcess
CreateFileA
GetFileSize
ReadFile
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
GetCurrentThread
TlsAlloc
TlsSetValue
RaiseException
HeapSize
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetOEMCP
GetCPInfo
RtlUnwind
GetVersion
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
LocalFree
lstrlenA
LeaveCriticalSection
EnterCriticalSection
GetACP
FreeLibrary
GetThreadPriority
VirtualAlloc
HeapReAlloc
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
ResetEvent
WaitForMultipleObjects
MulDiv

user32

FindWindowA
PostThreadMessageA
GetQueueStatus
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetAsyncKeyState
ShowCursor
LoadCursorA
DestroyWindow
MessageBoxA
DefWindowProcA
PostQuitMessage
GetClientRect
SetFocus
ShowWindow
MoveWindow
CreateWindowExA
RegisterClassA
LoadIconA
DispatchMessageA
GetCursorPos
SendMessageA
ClipCursor
SetCursor
SetCursorPos
TranslateMessage
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
PeekMessageA

gdi32

DeleteObject
GetStockObject

dinput8

DirectInput8Create

dsound

ord1

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegFlushKey
RegCloseKey

winmm

mciSendCommandA
timeGetTime
timeSetEvent
timeBeginPeriod
mmioDescend
mmioSeek
mmioClose
mmioAscend
mmioRead
mmioOpenA
mmioSetInfo
mmioAdvance
mmioGetInfo
timeEndPeriod
timeKillEvent

ole32

CoTaskMemFree
CoFreeUnusedLibraries
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx

oleaut32

SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3df0d6d7308a86b4e066a26b5ae67588

Headers

File Characteristics

Imports

d3d9

kernel32

user32

gdi32

dinput8

dsound

advapi32

winmm

ole32

oleaut32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 128KB - Virtual size: 125KB

.data Size: 156KB - Virtual size: 1.6MB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 108KB - Virtual size: 104KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 128KB - Virtual size: 125KB

.data
Size: 156KB - Virtual size: 1.6MB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 108KB - Virtual size: 104KB