8c33a982dbd4e43d376c66154fd0151ef63a9b0e1950894cc7f7cfeb83448b2f_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8c33a982dbd4e43d376c66154fd0151ef63a9b0e1950894cc7f7cfeb83448b2f_NeikiAnalytics.exe
Size

6.0MB
MD5

78216249a5fb2e35383ad69ca34d7680
SHA1

23a142fa0dca4f5b83b566b05e2e021064993436
SHA256

8c33a982dbd4e43d376c66154fd0151ef63a9b0e1950894cc7f7cfeb83448b2f
SHA512

6233bd47fda033cc83465be75a1f5b2287971f3b9c593646fbd47eea5ed431247d0a30344096d3ca714e30e5bd553f574f140107a8c75e3f2826c967735a03cd
SSDEEP

196608:I6XYnZPMiTtQNytAOJ6OvsNZRRqGB5rU:PonuIQNySOA8Y/r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c33a982dbd4e43d376c66154fd0151ef63a9b0e1950894cc7f7cfeb83448b2f_NeikiAnalytics.exe

Files

8c33a982dbd4e43d376c66154fd0151ef63a9b0e1950894cc7f7cfeb83448b2f_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

7a4f75d146d718e614273b7f35f02dc9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

gdiplus

GdipDisposeImage
GdipGetImageGraphicsContext
GdipAlloc
GdipDeletePen
GdipSetPenColor
GdipCreatePen1
GdiplusShutdown
GdipCloneBitmapAreaI
GdipResetClip
GdipSetClipRect
GdipDrawImageRectRect
GdipDrawLines
GdipDrawLine
GdipResetWorldTransform
GdipSetWorldTransform
GdipSetSmoothingMode
GdipCreateFromHWND
GdipCreatePen2
GdipCreateLineBrushI
GdipDeleteMatrix
GdipCreateMatrix2
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDeleteGraphics
GdiplusStartup
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDrawImageI
GdipDrawString
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipMeasureString
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipCreateBitmapFromScan0
GdipCloneImage
GdipGraphicsClear
GdipDrawRectangleI
GdipDrawRectangle
GdipFree

opengl32

glEnd
glVertex2f
glColor4ub
glBegin
glScissor
glGetString
glGetIntegerv
glPushMatrix
glClear
glEnable
glLoadIdentity
glDisable
glPopMatrix
wglCreateContext
wglMakeCurrent
wglDeleteContext
wglGetCurrentContext
glTranslatef
glRotatef
glInterleavedArrays
glBlendFunc
glClearColor
glViewport
glOrtho
glGenTextures
glBindTexture
glTexParameteri
glTexImage2D
glTexSubImage2D
glDeleteTextures
glScalef
glDrawArrays
glReadPixels
glColor4f
glLineWidth

d3d9

Direct3DCreate9

kernel32

GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetStdHandle
HeapAlloc
HeapFree
GetModuleHandleExW
ExitProcess
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
LoadLibraryExW
GetProcAddress
TlsFree
TlsSetValue
GetCPInfo
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
GetTimeZoneInformation
HeapReAlloc
TlsGetValue
FindFirstFileExW
IsValidCodePage
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
InterlockedFlushSList
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
FlushFileBuffers
HeapSize
SetEndOfFile
WriteConsoleW
GetTimeFormatW
RtlCaptureContext
GetModuleHandleW
FreeLibrary
RtlVirtualUnwind
RtlLookupFunctionEntry
CloseHandle
CreateThread
GetTickCount
GetModuleFileNameW
GetThreadId
WaitForSingleObject
SetEvent
CreateEventW
Sleep
GlobalLock
GlobalUnlock
GetCurrentThreadId
GetLastError
FindFirstFileW
FindNextFileW
FindClose
GetTempPathW
SetPriorityClass
GlobalSize
GlobalAlloc
GlobalFree
GetFileAttributesW
CreateFileW
GetFileSizeEx
GetCommandLineW
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
SetFilePointer
WriteFile
LeaveCriticalSection
VerSetConditionMask
VerifyVersionInfoW
GetComputerNameW
LocalFree
GetFileSize
ReadFile
GlobalMemoryStatusEx
FindResourceW
SizeofResource
LoadResource
LockResource
ResumeThread

user32

UpdateWindow
ShowCursor
SetCursorPos
ClientToScreen
SetWindowLongPtrW
MoveWindow
RegisterClipboardFormatW
EmptyClipboard
SetClipboardData
GetDesktopWindow
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
GetWindowLongPtrW
ReleaseDC
GetCursor
GetSystemMetrics
GetDoubleClickTime
GetDC
GetWindowThreadProcessId
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
ShowWindow
EnableWindow
SendMessageW
CreateWindowExW
DestroyWindow
IsWindowVisible
PostMessageW
GetMessageW
PeekMessageW
UnregisterClassW
KillTimer
SetTimer
RegisterClassW
DefWindowProcW
EndPaint
BeginPaint
GetIconInfoExW
PostThreadMessageW
TrackPopupMenu
GetCursorPos
DestroyMenu
InsertMenuItemW
CreatePopupMenu
SetWindowPos
SetCursor
LoadCursorW
ReleaseCapture
SetCapture
SetParent
IsWindow
GetKeyState
MessageBoxW
SetFocus
TrackMouseEvent

gdi32

ChoosePixelFormat
SwapBuffers
SetPixelFormat
GetStockObject
GetDeviceCaps

advapi32

RegDeleteValueW
ConvertSidToStringSidW
LookupAccountNameW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
ShellExecuteExW
SHCreateItemFromParsingName
DragAcceptFiles

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoCreateGuid
CoCreateInstance
CoTaskMemFree

comctl32

ord413
ord412
ord410

wininet

InternetOpenW
HttpOpenRequestW
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
InternetConnectW

d2d1

ord1

Exports

Exports

ExitDll
GetPluginFactory
InitDll

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a4f75d146d718e614273b7f35f02dc9

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

opengl32

d3d9

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

wininet

d2d1

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 277KB - Virtual size: 276KB

.data Size: 28KB - Virtual size: 62KB

.pdata Size: 30KB - Virtual size: 29KB

.rsrc Size: 4.5MB - Virtual size: 4.5MB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 277KB - Virtual size: 276KB

.data
Size: 28KB - Virtual size: 62KB

.pdata
Size: 30KB - Virtual size: 29KB

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

.reloc
Size: 13KB - Virtual size: 12KB