326b4e2e22dac88a6e3af876a7a096a3c02084064a88866475004f9ac0266217_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

326b4e2e22dac88a6e3af876a7a096a3c02084064a88866475004f9ac0266217_NeikiAnalytics.exe
Size

476KB
MD5

72929f86191aaaa10cdbdd816c481350
SHA1

0eca32eadd9f886d724d3d3b42c9c3a40c21d9b9
SHA256

326b4e2e22dac88a6e3af876a7a096a3c02084064a88866475004f9ac0266217
SHA512

aa6bf510a3f92fdf9adf16eb1172e0c7db4f6fbd93c6ebbe9530ea865b22349415d8e7cd0a40a8c8eba7a5e93409f9b1f47ae8868b3a6b875be1e7e0710132a3
SSDEEP

6144:CTxdWDCv0TarALGBZPe7wekZzD7t65wyXNFKQb/7znZ+6LCvuifw5hqww:id5TrALGb27kZz/U2y9sIZ+6eLc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326b4e2e22dac88a6e3af876a7a096a3c02084064a88866475004f9ac0266217_NeikiAnalytics.exe

Files

326b4e2e22dac88a6e3af876a7a096a3c02084064a88866475004f9ac0266217_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

87ae18e92c07049d6dd3efaa3c9d54d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
CreateToolbarEx
CreateStatusWindowW
ord17
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
PropertySheetW

comdlg32

CommDlgExtendedError
GetOpenFileNameW

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetGetResourceParentW
WNetGetResourceInformationW
WNetAddConnection2W
WNetCloseEnum

gdi32

DeleteObject

oleaut32

SysStringByteLen
VariantCopy
VariantClear
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString

ole32

CoTaskMemFree
OleUninitialize
OleInitialize
CoTaskMemAlloc
RevokeDragDrop
DoDragDrop
CoCreateInstance
ReleaseStgMedium
CoInitialize
RegisterDragDrop
CoUninitialize

user32

RemoveMenu
CheckMenuRadioItem
CheckMenuItem
AppendMenuW
GetMenu
LoadMenuW
SetMenu
DrawMenuBar
GetSubMenu
EnableMenuItem
IsDlgButtonChecked
CheckDlgButton
CheckRadioButton
IsZoomed
GetClientRect
ReleaseCapture
SetCapture
GetCapture
LoadIconW
GetWindowPlacement
SetWindowPlacement
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
PostQuitMessage
SetDlgItemTextW
GetFocus
GetKeyState
InvalidateRect
PostMessageW
SetWindowTextW
EndDialog
EnableWindow
DestroyWindow
SetFocus
CreatePopupMenu
DestroyMenu
LoadBitmapW
MessageBoxW
DefWindowProcW
GetClassInfoW
LoadCursorW
RegisterClassW
CallWindowProcW
CreateWindowExW
DialogBoxParamW
SetWindowLongW
GetWindowLongW
ShowWindow
MoveWindow
ScreenToClient
GetDlgItem
GetWindowRect
MapDialogRect
SystemParametersInfoW
GetDialogBaseUnits
GetWindowTextLengthW
GetWindowTextW
SendMessageW
LoadStringW
InsertMenuItemW
SetMenuItemInfoW
GetMenuItemInfoW
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
CharUpperW
MapVirtualKeyW
SetTimer
UpdateWindow
RegisterClipboardFormatW
WindowFromPoint
ChildWindowFromPointEx
IsWindowEnabled
GetCursorPos
TrackPopupMenuEx
GetMenuItemCount
ClientToScreen
SetCursor
KillTimer
DestroyIcon
GetParent

advapi32

AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
GetFileSecurityW
SetFileSecurityW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
LookupAccountNameW
LsaOpenPolicy
GetUserNameW
LsaClose
LsaAddAccountRights
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetFileInfoW
SHBrowseForFolderW
ShellExecuteExW
DragQueryFileW
DragFinish
SHGetMalloc
SHGetDesktopFolder
SHFileOperationW
SHGetSpecialFolderLocation
ShellExecuteW
ExtractIconExW
SHChangeNotify
SHGetPathFromIDListW

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_initterm
__setusermatherr
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler3
_beginthreadex
wcscat
_wcsicmp
__CxxFrameHandler
wcscmp
memcpy
memmove
_CxxThrowException
_controlfp
strcmp
wcsstr
malloc
free
srand
rand
memset
wcslen
memcmp
strlen
_purecall

kernel32

GetCompressedFileSizeW
GetCommandLineW
GetVersionExW
InterlockedDecrement
InterlockedIncrement
AreFileApisANSI
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FileTimeToLocalFileTime
CreateEventW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WaitForSingleObject
WaitForMultipleObjects
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GlobalMemoryStatus
lstrlenW
FileTimeToSystemTime
CompareFileTime
CreateProcessW
GetCurrentProcess
GlobalFree
GlobalAlloc
GetFileInformationByHandle
SetEndOfFile
WriteFile
ReadFile
GetUserDefaultLangID
SetFilePointer
GetFileSize
GetLogicalDriveStringsW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetFileAttributesW
GetModuleHandleA
FindNextFileW
FindFirstFileW
FindNextChangeNotification
GetCurrentThreadId
GetCurrentProcessId
GetTempPathW
GetCurrentDirectoryW
SetLastError
DeleteFileW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
SetFileAttributesW
CreateFileW
SetFileTime
CloseHandle
GetWindowsDirectoryW
FormatMessageW
LocalFree
GetModuleFileNameW
LoadLibraryW
LoadLibraryExW
FreeLibrary
GlobalLock
GlobalUnlock
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleW
GetProcAddress
GetDiskFreeSpaceW
GetDriveTypeW
GetVolumeInformationW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetTickCount
GetSystemDefaultLangID
GlobalSize
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
Sleep
SetPriorityClass
FindClose
CopyFileW
ExpandEnvironmentStringsW
VirtualAlloc
VirtualFree
SetEvent
InitializeCriticalSection
LoadLibraryA
GetStartupInfoA
DeviceIoControl

Sections

.text
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ae18e92c07049d6dd3efaa3c9d54d0

Headers

File Characteristics

Imports

comctl32

comdlg32

mpr

gdi32

oleaut32

ole32

user32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 351KB - Virtual size: 351KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 47KB - Virtual size: 46KB

.text
Size: 351KB - Virtual size: 351KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 47KB - Virtual size: 46KB