04f9f3b2dbf2039cc8f39491e83dfe9cd4e3d22b163210f442974b52a32a0f22_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

04f9f3b2dbf2039cc8f39491e83dfe9cd4e3d22b163210f442974b52a32a0f22_NeikiAnalytics.exe
Size

255KB
MD5

892002ea418c999e231e0248fcf61820
SHA1

290197cc2a5aadc1b41df81c0bdf063d94d5d6a2
SHA256

04f9f3b2dbf2039cc8f39491e83dfe9cd4e3d22b163210f442974b52a32a0f22
SHA512

be3f444ed30498d462944dc63421cc22cca9ada344e4503a8e38940a96bd6750611000960e43482dd16b0b4ee3fa6edbfc63e645b2e5e2b9ddc589384fb2a65f
SSDEEP

6144:xwHsp5+JMe09COALAOlN6F+BV+UdvrEFp7hK8Ks:Cc5+JMzEOe1BjvrEH7RKs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04f9f3b2dbf2039cc8f39491e83dfe9cd4e3d22b163210f442974b52a32a0f22_NeikiAnalytics.exe

Files

04f9f3b2dbf2039cc8f39491e83dfe9cd4e3d22b163210f442974b52a32a0f22_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

92a70acc8cdc0ccc063fc2c32cf77f74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\projects\foobar2000\Release\foo_out_asio.pdb

Imports

uxtheme

SetWindowTheme

kernel32

WriteFile
InitializeCriticalSection
LeaveCriticalSection
TerminateProcess
ReadFile
CreateFileW
GetOverlappedResult
FlushInstructionCache
RaiseException
GetStdHandle
GetLastError
SetLastError
EnterCriticalSection
ResetEvent
CreateEventW
WaitForMultipleObjects
CancelIo
DeleteCriticalSection
GetCurrentThreadId
DuplicateHandle
CloseHandle
CreateNamedPipeW
GetTickCount
WaitForSingleObject
GetCurrentProcess
InterlockedDecrement
WriteConsoleW
SetFilePointer
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
InterlockedIncrement
CreateProcessW
GetNativeSystemInfo
SetPriorityClass
GetProcAddress
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetFileType
SetHandleCount
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
GetModuleFileNameW
ExitProcess
HeapDestroy
HeapCreate
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetModuleHandleW
VirtualQuery
GetSystemTimeAsFileTime
InterlockedCompareExchange
InterlockedPushEntrySList
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
HeapQueryInformation
HeapReAlloc
HeapSize
GetCommandLineA
SetConsoleCtrlHandler

user32

DispatchMessageW
GetMessagePos
DefWindowProcW
DestroyMenu
UnregisterClassA
FillRect
SendDlgItemMessageW
MapDialogRect
DrawEdge
DestroyWindow
SetTimer
TrackPopupMenu
UnregisterClassW
MsgWaitForMultipleObjects
DialogBoxParamW
LoadCursorW
MessageBeep
InvalidateRect
GetWindowLongW
PeekMessageW
GetDlgItem
SetWindowLongW
EndDialog
GetParent
ShowWindow
CreatePopupMenu
CreateDialogParamW
MessageBoxW
RegisterClassW
SendMessageW
EnableWindow
BeginPaint
EndPaint
GetWindowTextW
GetClientRect
GetSysColor
DrawTextW

gdi32

CreateFontIndirectW
DeleteObject
GetObjectW
SetTextColor
SetBkMode
SelectObject
GetTextExtentPoint32W

ole32

CoCreateGuid

shared

_ModalDialog_CanCreateNew@0
_uSetDlgItemText@12
_uExceptFilterProc@4
_uAppendMenu@16
_uFormatSystemErrorMessage@8
_uGetDlgItemText@12
_ModalDialog_PokeExisting@0
_uSendMessageText@16
_GetInfiniteWaitEvent@0
??0uCallStackTracker@@QAE@PBD@Z
??1uCallStackTracker@@QAE@XZ

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92a70acc8cdc0ccc063fc2c32cf77f74

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

uxtheme

kernel32

user32

gdi32

ole32

shared

Exports

Exports

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB