954a7949a9ea6e4dbe4c456a498f8c6b95489ccf3c424d407b6f10d7e4bfc4f3_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

954a7949a9ea6e4dbe4c456a498f8c6b95489ccf3c424d407b6f10d7e4bfc4f3_NeikiAnalytics.exe
Size

549KB
MD5

bb09a729641b3a63eb531845d0171a00
SHA1

4efd48ad4037857f88210dad2cf2c78195d7d6f6
SHA256

954a7949a9ea6e4dbe4c456a498f8c6b95489ccf3c424d407b6f10d7e4bfc4f3
SHA512

de2ae61968ee31f3cfe790f858d2fcd799ad0f31182a97f6992e07103e2af1fc95a0f20c77edae8253a7f0bb1d6e7b742a1bcaa92ce5f07679707afdade3c712
SSDEEP

12288:i089MwfpW9EooM6D26uQxCLb50JfpOPMcX8:Q29EQSrFxubh0c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
954a7949a9ea6e4dbe4c456a498f8c6b95489ccf3c424d407b6f10d7e4bfc4f3_NeikiAnalytics.exe

Files

954a7949a9ea6e4dbe4c456a498f8c6b95489ccf3c424d407b6f10d7e4bfc4f3_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

5eadf4b48703f5a3a17859b9b5df8a10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\swing.ape\Inter Dlg Ctrl\DefautAssocieVariable\Release\DassVar.pdb

Imports

kernel32

GetStartupInfoA
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
SetStdHandle
GetFileType
HeapSize
VirtualFree
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
LCMapStringA
GetCommandLineA
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
GetModuleHandleW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProfileIntA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
InterlockedDecrement
GetModuleFileNameW
CloseHandle
GetCurrentProcessId
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
FreeResource
GlobalFree
CopyFileA
GlobalAlloc
lstrlenW
MultiByteToWideChar
lstrlenA
FreeLibrary
GetTickCount
LocalFree
FormatMessageA
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc
GetVersionExA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
SetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
LCMapStringW
GetPrivateProfileStringA

user32

GetSysColorBrush
RegisterClipboardFormatA
DestroyMenu
CharUpperA
GetMessageA
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
GetWindowThreadProcessId
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
PeekMessageA
DispatchMessageA
WindowFromPoint
ClientToScreen
CopyRect
IsWindowVisible
IsRectEmpty
GetDoubleClickTime
GrayStringA
DrawTextExA
TabbedTextOutA
ReleaseCapture
GetCapture
SetTimer
ClipCursor
SetCapture
InvertRect
PtInRect
PostThreadMessageA
UnregisterClassA
PostMessageA
GetFocus
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetMessagePos
IsClipboardFormatAvailable
InvalidateRect
GetCursorPos
KillTimer
GetKeyState
IntersectRect
GetParent
DefWindowProcA
GetClassInfoA
IsWindow
SetRect
LoadCursorA
SetCursor
DrawTextA
InflateRect
DrawEdge
FrameRect
FillRect
GetSysColor
ReleaseDC
GetDC
SystemParametersInfoA
wsprintfA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
ScreenToClient
GetWindowRect
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
LoadBitmapA
SendMessageA
LoadIconA
EnableWindow

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
LineTo
SetViewportOrgEx
CreateSolidBrush
GetMapMode
DPtoLP
GetTextColor
GetRgnBox
OffsetViewportOrgEx
SetMapMode
SelectObject
GetWindowExtEx
GetViewportExtEx
DeleteObject
CreateCompatibleDC
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CopyMetaFileA
PatBlt
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontA
GetObjectA
CreatePen
GetBkColor
CreateCompatibleBitmap
GetDeviceCaps
GetCurrentObject
GetTextExtentPoint32A
CreateFontIndirectA
BitBlt
MoveToEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFindExtensionA
PathRemoveExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitializeEx
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject

oleaut32

SysAllocString
OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SysStringLen
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime

wsock32

gethostbyname
htonl
htons
bind
WSASetLastError
select
sendto
recvfrom
WSAAsyncSelect
send
recv
WSAGetLastError
inet_addr
ioctlsocket
socket
accept
closesocket
connect
WSAStartup
WSACleanup

Sections

.text
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5eadf4b48703f5a3a17859b9b5df8a10

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

wsock32

Sections

.text Size: 373KB - Virtual size: 372KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 86KB - Virtual size: 86KB

.text
Size: 373KB - Virtual size: 372KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 86KB - Virtual size: 86KB