Static task: static1
Behavioral task: behavioral1
Sample: 266dbb4235efbbbdece34176fdbfc7dd014eec8bce95bc0cb0f8377d02698ce2_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 266dbb4235efbbbdece34176fdbfc7dd014eec8bce95bc0cb0f8377d02698ce2_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 266dbb4235efbbbdece34176fdbfc7dd014eec8bce95bc0cb0f8377d02698ce2_NeikiAnalytics.exe
Size: 6.9MB
MD5: c8957dc782131d6c5e0aedb73aa70180
SHA1: 6a3f8acba42477328e036de58d0e8adc3f7a4b49
SHA256: 266dbb4235efbbbdece34176fdbfc7dd014eec8bce95bc0cb0f8377d02698ce2
SHA512: dbcfb925b13524a9d433db992fde2857a58484ceac4c7a8b956a13583d10ae82bd5a26e6911cb8aef8b1298b37f4c60039a66170f69e3a8526531c02b8b1fe10
SSDEEP: 196608:PEgmUDvNW46ES4+CnEY+vnqlswOcQbo+WUxHLMmpKK8Oky02Ey:A/Hvnqlsz6Ok1Ly
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 266dbb4235efbbbdece34176fdbfc7dd014eec8bce95bc0cb0f8377d02698ce2_NeikiAnalytics.exe
Files
266dbb4235efbbbdece34176fdbfc7dd014eec8bce95bc0cb0f8377d02698ce2_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
65cdfe6f38d38019e4aa82b6f3fc713c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
AdjustTokenPrivileges
GetUserNameA
GetUserNameW
LookupPrivilegeValueA
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
comctl32
CreateUpDownControl
ImageList_Add
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
InitCommonControls
comdlg32
ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW
gdi32
AddFontResourceExW
Arc
BitBlt
CloseEnhMetaFile
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHatchBrush
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DPtoLP
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EqualRgn
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
GdiFlush
GetBkColor
GetCharABCWidthsW
GetClipBox
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetGraphicsMode
GetMetaFileBitsEx
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextMetricsW
GetViewportExtEx
GetWinMetaFileBits
GetWindowExtEx
GetWorldTransform
LPtoDP
LineTo
MaskBlt
ModifyWorldTransform
MoveToEx
OffsetRgn
Pie
PlayEnhMetaFile
PolyBezier
PolyPolygon
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
RoundRect
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetGraphicsMode
SetLayout
SetMapMode
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocW
StartPage
StretchBlt
StretchDIBits
iphlpapi
GetAdaptersInfo
kernel32
AttachConsole
CloseHandle
CopyFileW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
CreateMutexA
CreateMutexW
CreatePipe
CreateProcessW
CreateSemaphoreW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
EnumResourceNamesW
ExitProcess
ExpandEnvironmentStringsW
FillConsoleOutputCharacterW
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FormatMessageW
FreeConsole
FreeLibrary
GetACP
GetCPInfo
GetCommandLineW
GetComputerNameA
GetComputerNameW
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
GetDriveTypeW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessAffinityMask
GetProfileStringW
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadLocale
GetUserDefaultUILanguage
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
InitializeCriticalSection
IsBadCodePtr
IsBadReadPtr
IsBadStringPtrA
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalFree
LockResource
MulDiv
MultiByteToWideChar
OpenEventA
OpenMutexA
OpenProcess
OutputDebugStringW
PeekNamedPipe
Process32FirstW
Process32NextW
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleOutputCharacterA
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SetConsoleCursorPosition
SetCurrentDirectoryW
SetErrorMode
SetEvent
SetFileTime
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetProcessAffinityMask
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
mpr
WNetGetConnectionA
msvcrt
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__p__acmdln
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_beginthread
_beginthreadex
_cexit
_chdir
_endthreadex
_environ
_errno
_commit
_fdopen
_filelengthi64
_fileno
_fstat64
_get_osfhandle
_getcwd
_getpid
_initterm
_inp
_iob
_lock
_lseeki64
_onexit
_open_osfhandle
_outp
_putws
_setjmp3
fwprintf
_telli64
_unlock
_utime
_waccess
_wchmod
_wcsdup
_wfopen
_wgetcwd
_wgetenv
_wmkdir
_wopen
_wperror
_wputenv
_wremove
_wrename
_wrmdir
_wtoi
_wtol
abort
acos
asin
atan
atof
atoi
atol
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fgetwc
fopen
fprintf
fputc
fputs
fputwc
fputws
fread
free
frexp
fseek
fsetpos
ftell
fwrite
getc
getenv
getwc
isalnum
isalpha
islower
isspace
isupper
iswalnum
iswalpha
iswctype
iswdigit
iswprint
iswpunct
iswspace
iswxdigit
isxdigit
localeconv
log10
malloc
memchr
memcmp
memcpy
memmove
memset
mktime
localtime
gmtime
difftime
ctime
putc
putwc
qsort
realloc
remove
rename
setlocale
setvbuf
signal
srand
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
strxfrm
system
tan
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
time
_strdup
_stricmp
_strnicmp
wcschr
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcsncpy
wcspbrk
wcsspn
wcsstr
wcstol
wcstoul
wcsxfrm
_stat
_fstat
_timezone
longjmp
_write
_tzset
_rmdir
_read
_mkdir
_fileno
_fdopen
_close
_access
ole32
CoCreateInstance
CoInitializeEx
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
PropVariantClear
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
oleacc
CreateStdAccessibleObject
LresultFromObject
oleaut32
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayUnlock
SysAllocString
SysFreeString
SysStringLen
SystemTimeToVariantTime
VarBstrFromCy
VariantInit
VariantTimeToSystemTime
shell32
CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ExtractIconExW
ExtractIconW
SHBrowseForFolderW
SHDefExtractIconW
SHFileOperationW
SHGetFileInfoW
SHGetFolderPathW
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteExW
shlwapi
PathMatchSpecW
SHAutoComplete
StrCmpLogicalW
user32
AdjustWindowRectEx
AnimateWindow
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsExW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyRect
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateDialogParamW
CreateIconFromResourceEx
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DdeClientTransaction
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleW
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeInitializeW
DdeNameService
DdePostAdvise
DdeQueryStringW
DdeUninitialize
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndPaint
EnumClipboardFormats
EnumDisplayMonitors
EnumDisplaySettingsW
EnumWindows
ExitWindowsEx
FillRect
FindWindowExW
FlashWindowEx
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardFormatNameW
GetComboBoxInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyState
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetParent
GetProcessDefaultLayout
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetUpdateRgn
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendMessageW
SetCapture
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMenuInfo
SetMenuItemInfoW
SetParent
SetRect
SetRectEmpty
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UnregisterHotKey
UpdateWindow
ValidateRect
ValidateRgn
VkKeyScanW
WaitForInputIdle
WindowFromPoint
keybd_event
uxtheme
CloseThemeData
DrawThemeBackground
DrawThemeParentBackground
GetCurrentThemeName
GetThemeBackgroundContentRect
GetThemeBackgroundExtent
GetThemeColor
GetThemeFont
GetThemeInt
GetThemeMargins
GetThemePartSize
GetThemeSysColor
GetThemeSysFont
IsAppThemed
IsThemeActive
IsThemeBackgroundPartiallyTransparent
IsThemePartDefined
OpenThemeData
SetWindowTheme
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
winspool.drv
ClosePrinter
DocumentPropertiesW
GetPrinterW
OpenPrinterW
ws2_32
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
gethostbyname
gethostname
getpeername
getsockname
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohs
recv
recvfrom
send
sendto
setsockopt
socket
Sections
.text Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/4 Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 201KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE