Static task
static1
Behavioral task
behavioral1
Sample
6ed30cfb3f903aae96524b4a0e34031764cde1211354636b450b7cc19784448c_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6ed30cfb3f903aae96524b4a0e34031764cde1211354636b450b7cc19784448c_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
6ed30cfb3f903aae96524b4a0e34031764cde1211354636b450b7cc19784448c_NeikiAnalytics.exe
-
Size
1.4MB
-
MD5
3f4bc4e8befa87a35e57a666f3e5e740
-
SHA1
0cb88c5e7f0dcd35b1ca45b236fbbffffe493656
-
SHA256
6ed30cfb3f903aae96524b4a0e34031764cde1211354636b450b7cc19784448c
-
SHA512
deb63c547dbe65e825bc0ef36059c8670a63d5f69920fbe964cba0211d6188ae467e30237d9307bc66b7ab25b5e207a46d947e39413922ae5684a1bca5db7411
-
SSDEEP
24576:9CXt6c9IbkW22+6JSvLCJ/wXTMzzoSj8EKEcwiVyqslktjQYmsn/z:G9IbDp+6JS9q23psTdm
Malware Config
Signatures
-
Unsigned PE (1 IoC)
The PE carries no Authenticode signature. Note that this is a weak indicator on its own: a great deal of legitimate software ships unsigned, so it should be weighed with the rest of the report (imports, behavior) rather than treated as evidence of malice by itself.
resource 6ed30cfb3f903aae96524b4a0e34031764cde1211354636b450b7cc19784448c_NeikiAnalytics.exe
Files
-
6ed30cfb3f903aae96524b4a0e34031764cde1211354636b450b7cc19784448c_NeikiAnalytics.exe.exe windows:4 windows x64 arch:x64
26fd468b9981b1d064e7e3191f2e2bea
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegCloseKey
RegOpenKeyW
RegQueryValueExW
comctl32
_TrackMouseEvent
comdlg32
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
gdi32
Arc
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBSection
CreateFontA
CreatePalette
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
EqualRgn
ExtCreatePen
ExtCreateRegion
GdiFlush
GetCharacterPlacementW
GetDCOrgEx
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetGlyphOutlineW
GetRgnBox
GetStockObject
GetTextExtentPoint32W
GetTextMetricsA
GetWorldTransform
LPtoDP
LineTo
ModifyWorldTransform
MoveToEx
OffsetRgn
Pie
PlayEnhMetaFile
PolyPolygon
Polygon
Polyline
RealizePalette
RectInRegion
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetDIBitsToDevice
SetPixel
SetTextAlign
SetTextColor
SetWorldTransform
StretchDIBits
TextOutW
UpdateColors
kernel32
CloseHandle
CreateEventA
CreateFileA
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
FindClose
FindFirstFileW
FindNextFileW
GetACP
GetComputerNameA
GetCurrentDirectoryA
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
RaiseException
ReleaseSemaphore
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetEvent
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
msvcrt
__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_close
_commode
_errno
_execvp
_fdopen
_fmode
_initterm
_localtime64
_lock
_lseek
_mkdir
_onexit
_putenv
_strdup
_stricmp
_time64
_unlock
_vsnprintf
_waccess
_wchmod
_wfopen
_wgetcwd
_wgetenv
_wmkdir
_wopen
_wrename
_wrmdir
_wstat64
_wunlink
abort
acos
atof
atoi
atol
calloc
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getenv
isalnum
isalpha
islower
ispunct
isspace
isupper
isxdigit
localeconv
malloc
memcmp
memcpy
memmove
memset
qsort
raise
rand
realloc
signal
strcat
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncat
strncmp
strncpy
strrchr
strstr
strtol
strtoul
system
tolower
toupper
ungetc
vfprintf
wcscpy
wcslen
wcsncpy
wcstombs
_write
_strdup
ole32
DoDragDrop
OleInitialize
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
shell32
DragQueryFileW
SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
ShellExecuteA
user32
AdjustWindowRectEx
BringWindowToTop
CallWindowProcA
ChangeClipboardChain
ClientToScreen
CloseClipboard
CopyIcon
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyIcon
DestroyWindow
DispatchMessageW
EmptyClipboard
FillRect
GetAsyncKeyState
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetParent
GetSysColor
GetSystemMetrics
GetUpdateRgn
GetWindow
GetWindowLongA
GetWindowLongPtrW
GetWindowRect
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsWindow
KillTimer
LoadCursorA
LoadIconA
MapWindowPoints
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
OpenClipboard
OpenIcon
PeekMessageA
PeekMessageW
PostMessageA
PostThreadMessageA
RegisterClassExA
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetClipboardViewer
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetTimer
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowTextW
ShowWindow
SystemParametersInfoA
TranslateMessage
ValidateRgn
WindowFromPoint
winmm
waveOutBreakLoop
waveOutClose
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite
ws2_32
WSACleanup
WSAStartup
closesocket
connect
htons
inet_addr
recv
send
socket
libhxcfe
hxcfe_FxStream_FreeStream
hxcfe_FxStream_ImportHxCStreamBuffer
hxcfe_addSector
hxcfe_addTrack
hxcfe_allocSide1
hxcfe_closeDir
hxcfe_closeFile
hxcfe_createDir
hxcfe_createFile
hxcfe_deinitFsManager
hxcfe_deinitFxStream
hxcfe_deinitXmlFloppy
hxcfe_deleteFile
hxcfe_deleteSide1
hxcfe_duplicateSide
hxcfe_execScriptFile
hxcfe_floppyDuplicate
hxcfe_floppyGetInterfaceMode
hxcfe_floppySetDoubleStep
hxcfe_floppySetInterfaceMode
hxcfe_floppyUnload
hxcfe_freeSide
hxcfe_fseek
hxcfe_ftell
hxcfe_generateFloppy
hxcfe_generateXmlFileFloppy
hxcfe_generateXmlFloppy
hxcfe_getCellFlakeyState
hxcfe_getCellIndexState
hxcfe_getCellState
hxcfe_getEnvVar
hxcfe_getEnvVarIndex
hxcfe_getEnvVarValue
hxcfe_getFloppy
hxcfe_getFloppyInterfaceModeDesc
hxcfe_getFloppyInterfaceModeName
hxcfe_getFreeFsSpace
hxcfe_getNumberOfSide
hxcfe_getNumberOfTrack
hxcfe_getSectorConfigDCRC
hxcfe_getSectorConfigDCRCStatus
hxcfe_getSectorConfigDataMark
hxcfe_getSectorConfigEncoding
hxcfe_getSectorConfigEndSectorIndex
hxcfe_getSectorConfigHCRC
hxcfe_getSectorConfigHCRCStatus
hxcfe_getSectorConfigInputData
hxcfe_getSectorConfigSectorID
hxcfe_getSectorConfigSectorSize
hxcfe_getSectorConfigSideID
hxcfe_getSectorConfigSizeID
hxcfe_getSectorConfigStartDataIndex
hxcfe_getSectorConfigStartSectorIndex
hxcfe_getSectorConfigTrackID
hxcfe_getSide
hxcfe_getTotalFsSpace
hxcfe_getTrackBitrate
hxcfe_getTrackEncoding
hxcfe_getTrackEncodingName
hxcfe_getTrackLength
hxcfe_getTrackNumberOfSide
hxcfe_getTrackRPM
hxcfe_getVersion
hxcfe_getXmlLayoutDesc
hxcfe_imgAutoSetectLoader
hxcfe_imgDeInitLoader
hxcfe_imgExport
hxcfe_imgGetLoaderExt
hxcfe_imgGetLoaderID
hxcfe_imgInitLoader
hxcfe_imgLoad
hxcfe_imgSetProgressCallback
hxcfe_imgUnload
hxcfe_init
hxcfe_initFloppy
hxcfe_initFsManager
hxcfe_initFxStream
hxcfe_initXmlFloppy
hxcfe_insertCell
hxcfe_insertTrack
hxcfe_localRepair
hxcfe_mountImage
hxcfe_numberOfXmlLayout
hxcfe_openDir
hxcfe_openFile
hxcfe_popTrack
hxcfe_pushTrack
hxcfe_readDir
hxcfe_readFile
hxcfe_removeCell
hxcfe_removeDir
hxcfe_removeLastTrack
hxcfe_removeOddTracks
hxcfe_removeTrack
hxcfe_replaceSide
hxcfe_reverseFloppy
hxcfe_rotateFloppy
hxcfe_selectXmlFloppyLayout
hxcfe_setCellBitrate
hxcfe_setCellFlakeyState
hxcfe_setCellIndexState
hxcfe_setCellState
hxcfe_setEnvVar
hxcfe_setEnvVarValue
hxcfe_setIndexLength
hxcfe_setIndexPosition
hxcfe_setOutputFunc
hxcfe_setSectorBitrate
hxcfe_setSectorEncoding
hxcfe_setSectorFill
hxcfe_setSectorGap3
hxcfe_setTrackBitrate
hxcfe_setTrackInterleave
hxcfe_setTrackPreGap
hxcfe_setTrackRPM
hxcfe_setTrackSkew
hxcfe_setXmlFloppyLayoutFile
hxcfe_shiftTrackData
hxcfe_td_activate_analyzer
hxcfe_td_deinit
hxcfe_td_draw_disk
hxcfe_td_draw_stream_track
hxcfe_td_draw_track
hxcfe_td_draw_trkstream
hxcfe_td_get_view_mode_name
hxcfe_td_getframebuffer
hxcfe_td_getframebuffer_xres
hxcfe_td_getframebuffer_yres
hxcfe_td_getlastpulselist
hxcfe_td_getlastsectorlist
hxcfe_td_init
hxcfe_td_select_view_type
hxcfe_td_setName
hxcfe_td_setProgressCallback
hxcfe_td_set_marker
hxcfe_td_setparams
hxcfe_umountImage
hxcfe_writeFile
libusbhxcfe
libusbhxcfe_getCurTrack
libusbhxcfe_getStats
libusbhxcfe_init
libusbhxcfe_loadFloppy
libusbhxcfe_setInterfaceMode
libusbhxcfe_setUSBBufferSize
Sections
.text Size: 675KB - Virtual size: 675KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 528KB - Virtual size: 527KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 354KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ