PDB Path: E:\LMJ_bookswf\tools\SCeBookCourse\ReleaseR\SCeBookKC.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 9e230cb41a0561b48b5bf1ea86de59b151f954200d8354cfbde1de44dac3590d_NeikiAnalytics.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 9e230cb41a0561b48b5bf1ea86de59b151f954200d8354cfbde1de44dac3590d_NeikiAnalytics.exe
  Resource: win10v2004-20240508-en
General
Target: 9e230cb41a0561b48b5bf1ea86de59b151f954200d8354cfbde1de44dac3590d_NeikiAnalytics.exe
Size: 3.5MB
MD5: 823e4b5d8296225b0d5ba64ba343c7b0
SHA1: 113305ad14a9479870af3a2e3bd66cdb7ea0bcd8
SHA256: 9e230cb41a0561b48b5bf1ea86de59b151f954200d8354cfbde1de44dac3590d
SHA512: a8631dfd6e28773dcba39d5e6bd4722ffa8deecfbb2bc66457f2a94161b23021c0bd37071dcbf6e070ee44a1e2f33065862c0bcaa208842ca8c9db983506992a
SSDEEP: 98304:xNvlFIStus0Cu9RKwRlM7XQGpUT15QY7FOfG5ooj9ghi1RebMIg9Cbk/V8L:xZIS8jew7FOfdojDIg9Cbk/V8L
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature. An embedded signature is stored in the PE's security data directory (IMAGE_DIRECTORY_ENTRY_SECURITY) as a WIN_CERTIFICATE blob, so this signature reports that no such blob is attached; it says nothing about whether a present signature would verify, and being unsigned is common for benign software as well.
resource: 9e230cb41a0561b48b5bf1ea86de59b151f954200d8354cfbde1de44dac3590d_NeikiAnalytics.exe
Files
9e230cb41a0561b48b5bf1ea86de59b151f954200d8354cfbde1de44dac3590d_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
69528729747749ff149d40a3b55695c5 (unlabelled in the report; a 32-digit hex value in this position is presumably the import hash, since it differs from the file MD5 823e4b5d8296225b0d5ba64ba343c7b0 listed above)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
recvfrom
accept
listen
ioctlsocket
gethostname
getaddrinfo
WSACleanup
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
sendto
wldap32
ord118
ord41
ord26
ord208
ord216
ord14
ord145
ord127
ord142
ord79
ord147
ord167
ord301
ord27
ord46
ord133
kernel32
GetWindowsDirectoryW
GetNumberFormatW
VirtualProtect
FindResourceExW
HeapSetInformation
SearchPathW
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
ExitThread
CreateThread
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
LCMapStringW
GetFullPathNameA
CreateFileA
WriteConsoleW
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
GetProfileIntW
GetCurrentDirectoryW
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
ReplaceFileW
GetFileAttributesW
FindNextFileW
LocalAlloc
FileTimeToLocalFileTime
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
GetFileSizeEx
LockFile
FlushFileBuffers
SetFilePointer
MoveFileW
lstrcmpiW
GetStringTypeExW
lstrcmpA
ReleaseActCtx
CreateActCtxW
SuspendThread
ResumeThread
SetThreadPriority
GlobalGetAtomNameW
lstrcpyW
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
lstrcmpW
GlobalSize
FreeResource
MulDiv
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
CompareStringW
ExpandEnvironmentStringsA
LoadLibraryW
GetProcAddress
FreeLibrary
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
ReadFile
FormatMessageA
SleepEx
GetTickCount
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
SetCurrentDirectoryW
CopyFileW
GetCommandLineW
LocalFree
FormatMessageW
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
DeleteFileW
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
FindClose
WritePrivateProfileStringW
lstrlenW
TerminateProcess
OpenProcess
WriteFile
GetPrivateProfileStringW
CreateDirectoryW
CreateProcessW
lstrlenA
FindFirstFileW
GetPrivateProfileSectionNamesW
CreateEventW
SetEvent
WaitForSingleObject
CloseHandle
DeviceIoControl
CreateFileW
GetVersionExW
GetCurrentProcess
SetPriorityClass
InterlockedIncrement
Sleep
RaiseException
GetModuleFileNameW
OutputDebugStringW
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
LockResource
SizeofResource
LoadResource
FindResourceW
LocalFileTimeToFileTime
GetFileAttributesExW
SetErrorMode
UnlockFile
GetTempPathW
GetStartupInfoW
user32
UnregisterClassW
GetNextDlgGroupItem
GetIconInfo
EnumChildWindows
InvertRect
HideCaret
GetDoubleClickTime
DestroyCursor
CreateMenu
GetUpdateRect
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetWindowRgn
DrawFocusRect
DrawEdge
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
WaitMessage
PostThreadMessageW
RegisterClipboardFormatW
GetSysColorBrush
ShowOwnedPopups
DrawStateW
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
InvalidateRgn
SetRect
CopyAcceleratorTableW
GetMessageW
TranslateMessage
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
DestroyMenu
IsMenu
GetMenuItemInfoW
DrawFrameControl
DestroyAcceleratorTable
CharUpperW
IsZoomed
NotifyWinEvent
MessageBeep
WindowFromPoint
GetSystemMenu
DeleteMenu
IntersectRect
InflateRect
SetRectEmpty
LoadMenuW
CharNextW
GetCursorPos
ReleaseCapture
SetCapture
KillTimer
SetTimer
SystemParametersInfoW
OffsetRect
IsRectEmpty
InvalidateRect
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetKeyNameTextW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
EnableScrollBar
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
ValidateRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
CopyRect
PtInRect
GetWindow
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SetCursor
LoadCursorW
FindWindowW
MessageBoxW
AdjustWindowRectEx
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CharUpperBuffW
LockWindowUpdate
CopyIcon
IsWindow
SendMessageA
SetWindowPos
SetForegroundWindow
DrawIcon
GetClientRect
LoadIconW
GetSystemMetrics
UpdateWindow
IsIconic
FrameRect
SetCursorPos
SetClassLongW
SetMenuDefaultItem
GetMenuDefaultItem
SetParent
GetPropW
UpdateLayeredWindow
GetForegroundWindow
IsWindowVisible
SendMessageW
PostMessageW
GetParent
GetAsyncKeyState
SetWindowRgn
GetWindowRect
EnableWindow
UnionRect
DispatchMessageW
DrawIconEx
SetFocus
gdi32
CreateRectRgn
GetObjectW
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
SelectPalette
GetObjectType
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileW
CreateDCW
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateDIBSection
GetBkColor
GetTextColor
CreateCompatibleBitmap
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectW
GetTextExtentPoint32W
SetRectRgn
CombineRgn
GetMapMode
PatBlt
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
OffsetRgn
SetDIBColorTable
GetDIBits
StretchBlt
SetPixel
DeleteObject
Polyline
Polygon
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
ScaleWindowExtEx
RealizePalette
SelectClipRgn
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
GetStockObject
CreateCompatibleDC
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
SaveDC
CreateBitmap
CreatePolygonRgn
CreateRoundRectRgn
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
GetFileSecurityW
OpenProcessToken
RegCreateKeyExW
RegQueryValueExW
LookupPrivilegeValueW
RegOpenKeyExW
AdjustTokenPrivileges
RegCloseKey
RegSetValueExW
CryptCreateHash
RegEnumValueW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
SetFileSecurityW
RegSetValueW
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptHashData
CryptAcquireContextW
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
SHGetMalloc
ShellExecuteW
ExtractIconW
SHAddToRecentDocs
SHGetFileInfoW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCW
UrlUnescapeW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
ole32
ReleaseStgMedium
OleDraw
CreateStreamOnHGlobal
OleRun
CoTaskMemFree
CoInitialize
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoInitializeEx
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
oleaut32
SafeArrayGetUBound
SafeArrayGetElement
VarDateFromStr
SafeArrayDestroy
SafeArrayGetLBound
SysStringLen
VariantChangeType
SysAllocStringLen
SysFreeString
SysStringByteLen
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SysAllocStringByteLen
VariantCopy
VariantClear
DispCallFunc
LoadRegTypeLi
SysAllocString
GetErrorInfo
oledlg
OleUIBusyW
gdiplus
GdipAlloc
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdiplusShutdown
GdipFree
GdipDeleteGraphics
iphlpapi
GetAdaptersInfo
psapi
EnumProcessModules
GetModuleFileNameExW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
wininet
InternetCheckConnectionW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW
HttpOpenRequestW
InternetOpenUrlW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable
winmm
PlaySoundW
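Added example (not part of the sandbox report or of any tool the report uses): the import-hash calculation as pefile implements it, applied to a constructed list of entries shaped like the imports above. The report lists imports module by module but is not guaranteed to preserve import-directory order, and the hash is order-sensitive, so recomputing over the listing as printed need not reproduce the report's digest. The sample entries and the partial ordinal table below are constructed for illustration.

```python
import hashlib

# Partial reproduction of the ordinal-to-name tables pefile consults
# (ordlookup) before falling back to "ordN". Only a few well-known ws2_32
# and oleaut32 ordinals are reproduced here (assumption: enough for the
# constructed sample; pefile's own tables are the authority).
ORDINAL_NAMES = {
    "ws2_32": {1: "accept", 2: "bind", 3: "closesocket", 4: "connect",
               23: "socket", 115: "WSAStartup", 116: "WSACleanup"},
    "oleaut32": {2: "SysAllocString", 6: "SysFreeString"},
}


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def normalise_library(dll: str) -> str:
    """Lower-case the module name and drop a .dll/.ocx/.sys suffix only.
    Other suffixes survive, so winspool.drv hashes as 'winspool.drv'."""
    parts = dll.lower().split(".")
    if len(parts) > 1 and parts[-1] in ("dll", "ocx", "sys"):
        return ".".join(parts[:-1])
    return ".".join(parts)


def import_string(entries) -> str:
    """entries: iterable of (module name, function name or ordinal int) in
    import-directory order. Returns the comma-joined string that gets hashed."""
    items = []
    for dll, func in entries:
        lib = normalise_library(dll)
        if isinstance(func, int):
            # Ordinal-only import: map through the table, else "ordN" as the report prints it.
            func = ORDINAL_NAMES.get(lib, {}).get(func, "ord%d" % func)
        items.append("%s.%s" % (lib, func.lower()))
    return ",".join(items)


def imphash(entries) -> str:
    s = import_string(entries)
    return md5_hex(s.encode()) if s else ""  # pefile returns "" for an image with no imports


# Constructed sample: a few entries shaped like this report's import list
# (ws2_32 by name, wldap32 by ordinal, winspool.drv keeping its suffix).
SAMPLE_IMPORTS = [
    ("WS2_32.dll", "recvfrom"), ("WS2_32.dll", "accept"),
    ("WLDAP32.dll", 118), ("WLDAP32.dll", 41),
    ("KERNEL32.dll", "GetWindowsDirectoryW"), ("KERNEL32.dll", "VirtualProtect"),
    ("WINSPOOL.DRV", "OpenPrinterW"),
    ("OLEAUT32.dll", 6),
]

if __name__ == "__main__":
    print(import_string(SAMPLE_IMPORTS))
    print("imphash:", imphash(SAMPLE_IMPORTS))
```

Two details matter for reproducibility: only .dll/.ocx/.sys suffixes are stripped, so winspool.drv keeps its suffix in the hashed string, and ordinal-only imports from a module pefile has no table for (wldap32 here) hash as ordN, exactly as the report prints them. The ws2_32 and oleaut32 ordinal tables above are partial; use pefile's ordlookup for real samples.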
Exports
(The names below are libcurl's public API. An executable exporting them indicates libcurl was compiled into the image with its export declarations retained, alongside the wininet and ws2_32 imports listed above.)
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 368KB - Virtual size: 367KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 199KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
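Added example (not code from the sandbox or from the sample): a header parser that derives from a PE file the facts listed under Headers, Signatures and Sections, namely file and DLL characteristics, whether a security data directory (Authenticode) is present, and per-section flags, and turns them into the triage findings a practitioner looks for (the report's own Unsigned PE signature, missing ASLR/DEP opt-in, writable-and-executable sections). It runs on a constructed header-only PE32 image whose layout mirrors this report (five sections, x86, EXE, DYNAMIC_BASE, NX_COMPAT and TERMINAL_SERVER_AWARE set); the builder and its sizes are constructed, not taken from the sample.

```python
import struct

# Flag names as winnt.h defines them (only the bits this example reports).
FILE_CHARS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
              0x2000: "IMAGE_FILE_DLL"}
DLL_CHARS = {0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
             0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
             0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SCN_CHARS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
             0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
             0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def analyze_pe(data: bytes) -> dict:
    """Walk DOS header -> NT headers -> optional header -> section table and
    return the facts a sandbox lists plus the triage findings derived from them."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]  # same offset for PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    dirs = opt + (112 if pe32plus else 96)
    cert_off = cert_len = 0
    if ndirs > SECURITY_DIR:
        # Unlike every other directory, the security entry holds a raw file
        # offset to a WIN_CERTIFICATE blob, not an RVA.
        cert_off, cert_len = struct.unpack_from("<II", data, dirs + SECURITY_DIR * 8)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, schar = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + i * 40)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "characteristics": _flags(schar, SCN_CHARS),
                         "wx": bool(schar & 0x80000000) and bool(schar & 0x20000000)})
    findings = []
    if not (cert_off and cert_len):
        findings.append("Unsigned PE")  # the report's only static signature
    if not dllchar & 0x0040:
        findings.append("no DYNAMIC_BASE (ASLR not opted in)")
    if not dllchar & 0x0100:
        findings.append("no NX_COMPAT (DEP not opted in)")
    findings += ["writable and executable section: " + s["name"] for s in sections if s["wx"]]
    return {"machine": {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine)),
            "file_characteristics": _flags(fchar, FILE_CHARS),
            "dll_characteristics": _flags(dllchar, DLL_CHARS),
            "authenticode_present": bool(cert_off and cert_len),
            "sections": sections, "findings": findings}


def build_sample_pe(signed=False, dllchar=0x8140, wx_text=False) -> bytes:
    """Constructed header-only PE32 image (not the sample on this page) whose
    section layout and flags mirror the report: five sections, x86, EXE."""
    secs = [(b".text", 0x60000020 | (0x80000000 if wx_text else 0)), (b".rdata", 0x40000040),
            (b".data", 0xC0000040), (b".rsrc", 0x40000040), (b".reloc", 0x42000040)]
    opt_size = 96 + 16 * 8  # PE32 optional header with 16 data directories
    end = 64 + 4 + 20 + opt_size + 40 * len(secs)
    img = bytearray(end)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 64)  # e_lfanew
    img[64:68] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", img, 68, 0x14C, len(secs), 0, 0, 0, opt_size, 0x0102)
    opt = 88
    struct.pack_into("<H", img, opt, 0x10B)  # PE32 magic
    struct.pack_into("<H", img, opt + 70, dllchar)
    struct.pack_into("<I", img, opt + 92, 16)  # NumberOfRvaAndSizes
    for i, (name, schar) in enumerate(secs):
        struct.pack_into("<8sIIIIIIHHI", img, opt + opt_size + i * 40,
                         name, 0x1000, 0x1000 * (i + 1), 0x1000, 0, 0, 0, 0, 0, schar)
    if signed:
        # Append a placeholder WIN_CERTIFICATE (dwLength, wRevision 0x0200,
        # wCertificateType 0x0002 = PKCS_SIGNED_DATA) and point the directory at it.
        cert = struct.pack("<IHH", 12, 0x0200, 0x0002) + b"\0\0\0\0"
        struct.pack_into("<II", img, opt + 96 + SECURITY_DIR * 8, end, len(cert))
        img += cert
    return bytes(img)


if __name__ == "__main__":
    for key, value in analyze_pe(build_sample_pe()).items():
        print(key, value)
```

Run as a script it prints the parsed facts for the constructed image; for a real file, pass open(path, "rb").read() to analyze_pe. A populated security directory only proves that a WIN_CERTIFICATE blob is attached; whether it verifies, and against which chain, is a separate check (signtool verify /pa, or Get-AuthenticodeSignature in PowerShell) that this parser does not attempt.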