710441c48417520a7ec6565f01d73f4272533816cbc268a5d97d5e3132b150f8_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

710441c48417520a7ec6565f01d73f4272533816cbc268a5d97d5e3132b150f8_NeikiAnalytics.exe
Size

1.6MB
MD5

b971cc8354404b00e37f4c2eef40dde0
SHA1

e511c6460e42c7342f61855346e5c26e77e36276
SHA256

710441c48417520a7ec6565f01d73f4272533816cbc268a5d97d5e3132b150f8
SHA512

a5a9466805ed686b3853d22824c92d03d6b4ac01bef745686cf44d7196d204ed12fcc633ca14f197f006a9f68c131a02ec30c8524e804af8298d37f00b26e041
SSDEEP

49152:ey8tuqqGRSW9cdPfbvg3TeuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuTuuuuuuup:ey8tuqtx6dHbvgSuuuuuuuuuuuuuuuuJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
710441c48417520a7ec6565f01d73f4272533816cbc268a5d97d5e3132b150f8_NeikiAnalytics.exe

Files

710441c48417520a7ec6565f01d73f4272533816cbc268a5d97d5e3132b150f8_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

307b9a9362d66040e8224932da4f69a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

setsockopt
gethostbyname
htonl
ioctlsocket
htons
WSACleanup
WSAStartup
ntohl
inet_addr

wininet

HttpQueryInfoA

crypt32

CertFreeCertificateContext
CertCloseStore
CertVerifySubjectCertificateContext
CertFindCertificateInStore
CertCreateCertificateContext
CryptGetMessageCertificates
CryptVerifyMessageSignature

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

waveInStop
waveInAddBuffer
waveInStart
waveInGetNumDevs
waveOutGetNumDevs
waveInClose
waveOutGetDevCapsA
waveOutPrepareHeader
waveOutWrite
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveInReset
waveInUnprepareHeader
waveInPrepareHeader
waveInOpen
waveInGetDevCapsA
timeGetTime
waveOutOpen
timeKillEvent
timeSetEvent
timeGetDevCaps
timeBeginPeriod
timeEndPeriod

kernel32

GetSystemDefaultLangID
GetSystemInfo
GetUserDefaultLangID
ExitThread
GlobalFree
GetFileAttributesA
GetFileAttributesW
LockResource
LoadResource
FindResourceExA
FindResourceExW
GlobalAlloc
CreateThread
GetModuleHandleA
GetTimeZoneInformation
GetSystemTime
SystemTimeToFileTime
DeleteFileA
DeleteFileW
FreeLibrary
MoveFileW
RemoveDirectoryA
RemoveDirectoryW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
ReadFile
WriteFile
GetTempFileNameA
GetTempPathA
GetTempFileNameW
GetTempPathW
SetFilePointer
GetFileSize
GetFileAttributesExA
GetFileAttributesExW
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindClose
ExpandEnvironmentStringsA
GetSystemDirectoryA
GetModuleFileNameA
MoveFileExA
CreateMutexA
ReleaseMutex
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WaitForSingleObject
WideCharToMultiByte
GlobalUnlock
GlobalLock
IsDBCSLeadByteEx
lstrlenA
SetEndOfFile
CopyFileA
CopyFileW
GetModuleFileNameW
GetCommandLineW
ExitProcess
GetCommandLineA
GetProcessTimes
GetCurrentProcess
CreateEventA
SetEvent
TlsAlloc
SetThreadPriority
InterlockedIncrement
InterlockedDecrement
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualAlloc
GetThreadPriority
GetCurrentThread
HeapFree
GetLastError
GetStartupInfoA
CreateProcessA
CloseHandle
LCMapStringW
LCMapStringA
GetTickCount
GetCurrentThreadId
GetLocaleInfoA
SetErrorMode
LoadLibraryA
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
IsDBCSLeadByte
GetACP
GetCPInfo
MultiByteToWideChar
GetVersionExA
VirtualQuery
InterlockedExchange
InterlockedCompareExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapAlloc
GetProcessHeap
MoveFileA

user32

DialogBoxParamW
InvalidateRect
EndPaint
FillRect
BeginPaint
DestroyMenu
DestroyWindow
DefWindowProcA
UpdateWindow
KillTimer
ReleaseCapture
SetTimer
SetCapture
TrackPopupMenu
GetSubMenu
LoadCursorA
ShowWindow
GetKeyState
MapVirtualKeyA
WaitForInputIdle
CheckMenuItem
EnableMenuItem
LoadStringA
LoadMenuA
GetCursorPos
SetCursor
GetMenu
GetFocus
AttachThreadInput
GetWindowThreadProcessId
WindowFromPoint
GetCapture
ClientToScreen
DeleteMenu
GetMenuItemID
IsWindow
RegisterClipboardFormatA
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
SetClipboardData
EmptyClipboard
InsertMenuA
InsertMenuW
RemoveMenu
MessageBoxA
UnregisterClassA
EnableWindow
GetDlgItemTextA
GetWindowTextLengthA
IsWindowEnabled
LoadStringW
SetMenu
SetDlgItemTextW
GetDlgItemTextW
GetWindowTextLengthW
PostQuitMessage
GetMenuStringA
GetMenuStringW
RegisterClassA
TranslateAcceleratorA
LoadAcceleratorsA
PostThreadMessageA
GetQueueStatus
PeekMessageA
MsgWaitForMultipleObjects
RegisterWindowMessageA
SetWindowTextA
GetMenuItemCount
GetMenuItemInfoA
GetSystemMetrics
GetWindowLongA
GetDlgItem
GetWindowRect
ScreenToClient
MoveWindow
SetWindowLongA
SetDlgItemTextA
GetClientRect
SetFocus
EndDialog
InsertMenuItemA
CreateWindowExA
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
SendInput
GetKeyboardLayout
GetDC
ReleaseDC
TranslateMessage
DispatchMessageA
GetMessageA
DialogBoxParamA
SystemParametersInfoA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
PostMessageA
GetParent
SetWindowPos
GetDesktopWindow
LoadIconA
GetWindow
SendMessageA
GetDoubleClickTime

gdi32

ExtTextOutW
SetTextColor
GetTextMetricsA
ExtTextOutA
SelectClipRgn
GetClipRgn
CreateRectRgn
GetTextAlign
GetBkMode
GetTextColor
EnumFontFamiliesA
BeginPath
EndPage
SetTextCharacterExtra
FillPath
ExtCreatePen
StrokePath
EndDoc
StartDocA
LPtoDP
CreateSolidBrush
GetClipBox
GetSystemPaletteEntries
CreatePalette
GetTextExtentPoint32A
CreatePen
GetBkColor
SetBkColor
GetCurrentObject
GetTextExtentPoint32W
DPtoLP
EndPath
SetPolyFillMode
MoveToEx
LineTo
PolyBezierTo
SelectClipPath
SaveDC
RestoreDC
GdiFlush
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
CreateCompatibleBitmap
GetObjectA
CreateCompatibleDC
DeleteDC
CreateDIBSection
GetDeviceCaps
BitBlt
RealizePalette
SelectPalette
GetStockObject
CreateFontIndirectA
SetBkMode
SetTextAlign
IntersectClipRect
StartPage

comdlg32

GetOpenFileNameA
PrintDlgA
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
GetSaveFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegQueryValueExW
RegOpenKeyExW
RegSetValueA

shell32

DragQueryFileA
DragAcceptFiles
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHAppBarMessage
DragQueryFileW

ole32

CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 842KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

307b9a9362d66040e8224932da4f69a5

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

wininet

crypt32

version

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 56KB - Virtual size: 842KB

.rsrc Size: 168KB - Virtual size: 166KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 56KB - Virtual size: 842KB

.rsrc
Size: 168KB - Virtual size: 166KB