PDB path: C:\SurfRight\Producten\HitmanPro35\bin\x86\Release MT\HitmanPro.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics.exe
Resource: win7-20240611-en
General
Target: 835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics.exe
Size: 9.6MB
MD5: a75e524f17faa4befe802508e16719c0
SHA1: 32ff457d4a1c7d11e6a9062bda7e50765edb8de8
SHA256: 835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89
SHA512: 40f4b9b98875349515f51cbc242147818de73488a481cd079622249d97471d0e6a714d10cc3d36a495dd4905c5ac5b62d842b7b84ed63d01eb8584e76dd01d9c
SSDEEP: 196608:SONojzJF63e3CLEfX3cxLlUiBCfNxBolZkiACy7o:SONojzJF6vEfAZP4PBol1ACy7
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes: resource 835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics.exe
Files
835fa1c2fbba3005e453bab1a36b9a9c77d345197553ade815e5b4e976487e89_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
e669b3b972188b80ef9f674dddc637a2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetModuleHandleW
GetLastError
WaitForMultipleObjects
CreateEventW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
SignalObjectAndWait
TerminateThread
Sleep
VirtualAlloc
VirtualFree
OpenProcess
VirtualQueryEx
WaitForSingleObjectEx
CreateWaitableTimerW
SetWaitableTimer
LocalAlloc
LocalFree
LoadLibraryW
GetProcAddress
GlobalMemoryStatus
FreeLibrary
Heap32ListNext
Heap32Next
QueryPerformanceCounter
Heap32First
Heap32ListFirst
GetTickCount
GetSystemTimeAsFileTime
Thread32First
Thread32Next
VirtualUnlock
LoadLibraryA
Process32FirstW
VirtualLock
Module32FirstW
GetSystemInfo
Process32NextW
CreateToolhelp32Snapshot
GetCurrentThreadId
Module32NextW
GetCurrentProcessId
QueryPerformanceFrequency
SetThreadPriority
GetCurrentThread
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
CompareFileTime
GetLocalTime
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
OutputDebugStringW
FileTimeToSystemTime
GetCalendarInfoW
SetLastError
InterlockedCompareExchange
GetWindowsDirectoryW
CreateFileW
GetFileSizeEx
InterlockedDecrement
FormatMessageW
FileTimeToLocalFileTime
GetLocaleInfoW
TryEnterCriticalSection
InterlockedIncrement
GetTempPathW
RemoveDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
GetModuleHandleA
GetCurrentProcess
RegisterWaitForSingleObject
InterlockedExchange
UnregisterWaitEx
PeekNamedPipe
FlushFileBuffers
DisconnectNamedPipe
ReadFile
GetOverlappedResult
WriteFile
WaitNamedPipeW
GetComputerNameW
GetFileAttributesExW
GetFileTime
SetFileTime
GetVersion
ResumeThread
GetCommandLineW
CreateProcessW
ConvertDefaultLocale
GetLogicalDriveStringsW
QueryDosDeviceW
GetSystemDirectoryW
SetThreadAffinityMask
DeleteFileW
GetModuleFileNameW
SetErrorMode
DeviceIoControl
GetStdHandle
GetVolumeInformationW
GetFileSize
SetFileAttributesW
CopyFileW
TerminateProcess
GetNumberFormatW
GetVersionExW
WTSGetActiveConsoleSessionId
ProcessIdToSessionId
GetProcessTimes
GlobalAlloc
OpenEventW
AllocConsole
MultiByteToWideChar
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery
OpenThread
SuspendThread
GetThreadContext
SetThreadContext
SearchPathW
DuplicateHandle
CreateSemaphoreW
ReleaseSemaphore
GetEnvironmentVariableW
WideCharToMultiByte
GetVolumeInformationA
ExpandEnvironmentStringsW
VerifyVersionInfoW
VerSetConditionMask
SetHandleInformation
CreateNamedPipeW
ConnectNamedPipe
GetThreadPriority
GetLongPathNameW
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
RaiseException
MoveFileW
GetCurrentDirectoryW
GetCurrentDirectoryA
GlobalFree
SetEndOfFile
SetFilePointerEx
FormatMessageA
GetFullPathNameW
GetFullPathNameA
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
MapViewOfFile
UnmapViewOfFile
UnlockFile
LockFile
UnlockFileEx
HeapDestroy
GetFileAttributesA
HeapCreate
HeapValidate
HeapSize
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
OutputDebugStringA
GetVersionExA
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
ExitProcess
lstrlenA
UnhandledExceptionFilter
IsDebuggerPresent
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetFileType
GetConsoleCP
GetStartupInfoW
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeW
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetModuleFileNameA
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
CompareStringA
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 604KB - Virtual size: 603KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 61KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6.3MB - Virtual size: 6.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.zero Size: 4KB - Virtual size: 3KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ