9b1d349fbef83a9eea1dc3825a8553892eb022428dc4343570fb6c329378f490_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9b1d349fbef83a9eea1dc3825a8553892eb022428dc4343570fb6c329378f490_NeikiAnalytics.exe
Size

200KB
MD5

eda69b4c44502286f3f0b8542886df90
SHA1

3787a1c522acfd2cbffc1b8dc7050412cc0d4b54
SHA256

9b1d349fbef83a9eea1dc3825a8553892eb022428dc4343570fb6c329378f490
SHA512

4c2e1d41468364e4d821b8a6e5c6d86f500bc1dd016006a9e3a7427e7a2c0b7b3bb23d209fcc64d7a5bcc40d41f3abce2adc4bff0830b83bb73fb75f7702e025
SSDEEP

3072:BXmx7J0eDwoOSfG3OoO//eYY8RtelllifIsbkZDyWN/:k5SUwoxWc//lhiefw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b1d349fbef83a9eea1dc3825a8553892eb022428dc4343570fb6c329378f490_NeikiAnalytics.exe

Files

9b1d349fbef83a9eea1dc3825a8553892eb022428dc4343570fb6c329378f490_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

9349651ced436d200e0dbe23cd51e2fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\工程\项目工程\国际\重新登陆\公用MainControl\Release\MainControl.pdb

Imports

kernel32

LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedDecrement
SetErrorMode
RaiseException
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
ReadFile
FlushFileBuffers
GetCurrentProcess
LocalAlloc
GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
GetCommandLineA
ExitThread
HeapReAlloc
TerminateProcess
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetTimeZoneInformation
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
GlobalAddAtomA
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
GetCurrentThreadId
ResumeThread
SetThreadPriority
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
GetLastError
lstrlenA
FreeLibrary
GetPrivateProfileStringA
OpenProcess
ReadProcessMemory
Sleep
MultiByteToWideChar
CreateThread
VirtualQuery
GetModuleFileNameA
GetModuleHandleA
CreateFileA
SetFilePointer
WriteFile
CloseHandle
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
BeginPaint
EndPaint
DestroyMenu
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
wsprintfA
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
GetWindowThreadProcessId
FindWindowA
SendMessageA
SetCursor
PostMessageA
PostQuitMessage
GetMenuItemID
GetMenuItemCount
ClientToScreen
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
ShowWindow
UpdateWindow
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
SetMenuItemBitmaps
ValidateRect
GetSubMenu
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
SetWindowLongA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetViewportOrgEx
GetStockObject
GetDeviceCaps
GetClipBox
SetTextColor
SetBkColor
GetObjectA
DeleteObject
SaveDC
DeleteDC
RestoreDC
SetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
CreateBitmap
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
OffsetViewportOrgEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9349651ced436d200e0dbe23cd51e2fa

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

comctl32

shlwapi

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 25KB

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 25KB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 20KB - Virtual size: 17KB