aed126ca66af7051d1a2ef51c1dd78dc7cd889e9af862eccef77ae4b676a0128_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

aed126ca66af7051d1a2ef51c1dd78dc7cd889e9af862eccef77ae4b676a0128_NeikiAnalytics.exe
Size

3.8MB
MD5

9511ee50a15a2b3b7ce8a1806d0a60c0
SHA1

639dfb4d305303e6234948462b8aa95b380663bd
SHA256

aed126ca66af7051d1a2ef51c1dd78dc7cd889e9af862eccef77ae4b676a0128
SHA512

ae7b0bbc0945af961284db1816077af86e4f25e565cdcdf51b199bff36d375636c74b96cf7922e94c04536d5c384a94ba27369570ea7b008c91c261c208c26ed
SSDEEP

98304:/9zAoIOBisUeFZy8gfweB/AFcKe9BpDws9kEkxPOJ:/5I7RAFwVws9k8J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aed126ca66af7051d1a2ef51c1dd78dc7cd889e9af862eccef77ae4b676a0128_NeikiAnalytics.exe

Files

aed126ca66af7051d1a2ef51c1dd78dc7cd889e9af862eccef77ae4b676a0128_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

e27a5ffebd428cf62615d9f1817ff908

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\build\winrar32\Release\WinRAR.pdb

Imports

kernel32

HeapAlloc
HeapFree
DosDateTimeToFileTime
SetLastError
CreateHardLinkW
IsDebuggerPresent
DebugBreak
OutputDebugStringW
GetProcessHeap
ReleaseSemaphore
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
CreateSemaphoreExW
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleExW
FormatMessageW
GetDiskFreeSpaceW
FindCloseChangeNotification
FindFirstChangeNotificationW
GetCompressedFileSizeW
GetLocalTime
GetFileInformationByHandle
LocalFree
DeleteFileW
RemoveDirectoryW
DeviceIoControl
BackupRead
BackupSeek
GetLongPathNameW
GetShortPathNameW
GetStdHandle
FlushFileBuffers
GetFileType
GetFileTime
CreateDirectoryW
GetDiskFreeSpaceExW
GetFileAttributesW
SetFileAttributesW
FindNextFileW
GetVersionExW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
GetModuleFileNameW
FoldStringW
LoadResource
SizeofResource
FindResourceW
LoadLibraryExW
ExpandEnvironmentStringsW
CompareStringA
CreateEventW
GetCurrentThread
SetThreadPriority
SetPriorityClass
GetSystemDirectoryW
SetThreadExecutionState
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
CreateSemaphoreW
CreateThread
GetProcessAffinityMask
FileTimeToLocalFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
CompareStringW
WideCharToMultiByte
GetCPInfo
IsDBCSLeadByte
EnumResourceNamesW
EnumResourceLanguagesW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetLocaleInfoW
GetNumberFormatW
GetLogicalDrives
GetTempPathW
SetEnvironmentVariableW
GlobalMemoryStatusEx
LockResource
GetDateFormatW
GetTimeFormatW
HeapCreate
ResumeThread
GetStartupInfoW
GetSystemTimeAsFileTime
Beep
FindNextChangeNotification
SetErrorMode
GetThreadPriority
GetPriorityClass
CompareFileTime
WaitForMultipleObjects
MulDiv
OutputDebugStringA
GetEnvironmentVariableW
LocalFileTimeToFileTime
LoadLibraryW
FreeLibrary
HeapSize
WriteConsoleW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
IsValidCodePage
FindFirstFileExW
SetStdHandle
LCMapStringW
HeapReAlloc
GetFileSizeEx
DecodePointer
ExitProcess
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
FreeLibraryAndExitThread
ExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RtlUnwind
InitializeSListHead
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
QueryPerformanceFrequency
QueryPerformanceCounter
TryEnterCriticalSection
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
ReadFile
GetFileSize
CreateFileW
MoveFileW
GetTickCount
GetCPInfoExW
GetOEMCP
GetACP
GetCurrentProcessId
GetCurrentProcess
Sleep
GetVolumeInformationW
GetDriveTypeW
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
HeapDestroy
GlobalAlloc
CreateMutexW
ReleaseMutex
GetLastError
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
CopyFileW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
WaitForSingleObject
CloseHandle
GetCommandLineW
GetPhysicallyInstalledSystemMemory
FindFirstFileW
SuspendThread
FindClose

user32

TranslateAcceleratorW
CreateDialogIndirectParamW
BringWindowToTop
FlashWindow
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
EnumDisplayMonitors
CopyImage
FindWindowExW
FillRect
MessageBoxW
GetForegroundWindow
keybd_event
FlashWindowEx
CreateIcon
EnumWindows
SetForegroundWindow
IsCharAlphaW
CopyRect
RegisterClassExW
GetSysColor
ValidateRect
DrawIconEx
LoadImageW
SetPropW
GetSystemMenu
MessageBoxIndirectW
CharLowerW
CharUpperW
LoadStringW
GetPropW
RemovePropW
FindWindowW
CreateIconIndirect
GetIconInfo
SendMessageW
GetMenuState
GetLastActivePopup
GetMenuItemID
SetMenu
LoadMenuW
LoadAcceleratorsW
SendInput
IsChild
RegisterClassW
PostQuitMessage
GetClipboardData
LoadIconW
CreateDialogParamW
DefWindowProcW
CreateWindowExW
DestroyWindow
SetFocus
GetWindowLongW
SetWindowLongW
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
DialogBoxParamW
EndDialog
GetDlgItem
SetDlgItemInt
GetDlgItemInt
SetProcessDefaultLayout
OemToCharBuffW
CharToOemBuffW
OemToCharBuffA
OemToCharA
GetComboBoxInfo
ScrollWindowEx
PostThreadMessageW
SetScrollPos
SetScrollRange
SystemParametersInfoW
IsDialogMessageW
RedrawWindow
MessageBeep
CharToOemA
EmptyClipboard
PeekMessageW
GetScrollInfo
EnableMenuItem
SetDlgItemTextW
IsDlgButtonChecked
SendDlgItemMessageW
GetWindowRect
MapWindowPoints
GetParent
DestroyIcon
ShowWindow
UpdateWindow
GetDlgItemTextW
CheckDlgButton
OpenClipboard
CloseClipboard
SetClipboardData
SetTimer
KillTimer
GetWindowDC
PostMessageW
CheckMenuItem
GetFocus
MoveWindow
EndPaint
BeginPaint
AppendMenuW
GetMenuItemCount
DrawMenuBar
ScreenToClient
ClientToScreen
CallWindowProcW
PtInRect
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
TrackPopupMenu
DeleteMenu
InsertMenuW
GetSubMenu
DestroyMenu
CreatePopupMenu
GetMenu
IsWindow
WaitForInputIdle
LoadCursorW
GetWindowThreadProcessId
WindowFromPoint
GetCursorPos
SetCursor
GetKeyState
RegisterClipboardFormatW
GetWindow
GetDesktopWindow
IntersectRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
ReleaseDC
GetDC
GetSystemMetrics
EnableWindow
IsIconic
IsWindowEnabled
CharToOemBuffA
GetClassNameW
EnumChildWindows
InvalidateRect
ExitWindowsEx

gdi32

DPtoLP
GetPixel
CreateDIBSection
CreateSolidBrush
Rectangle
SetPixel
TextOutA
SetMapMode
GetMapMode
GetDeviceCaps
CreateBitmap
LineTo
StretchBlt
CreatePen
GetTextFaceW
GetTextMetricsW
CreateFontW
ExtTextOutW
SetBkColor
GetObjectW
GetTextExtentPoint32W
TextOutW
MoveToEx
BitBlt
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SetTextColor

comdlg32

ChooseFontW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

shell32

SHGetMalloc
SHGetFolderLocation
SHGetDesktopFolder
DragAcceptFiles
FindExecutableW
DragFinish
Shell_NotifyIconW
DragQueryFileW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetFileInfoW
ord100
SHGetFolderPathW
SHAddToRecentDocs
SHGetPathFromIDListW
SHFileOperationW
ShellExecuteExW
SHChangeNotify

ole32

RegisterDragDrop
OleUninitialize
OleInitialize
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemAlloc
OleSetClipboard
DoDragDrop
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
RevokeDragDrop

oleaut32

VariantCopy
SysAllocString
SysFreeString
VariantClear
VariantInit

shlwapi

SHAutoComplete
StrCmpLogicalW

powrprof

SetSuspendState

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
CreateStatusWindowW
ord381
PropertySheetW

uxtheme

IsThemeActive
IsAppThemed

gdiplus

GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipBitmapGetPixel
GdipBitmapSetPixel

msimg32

GradientFill

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 900KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 656KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e27a5ffebd428cf62615d9f1817ff908

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

shlwapi

powrprof

comctl32

uxtheme

gdiplus

msimg32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 249KB - Virtual size: 248KB

.data Size: 99KB - Virtual size: 335KB

.didat Size: 512B - Virtual size: 128B

.rsrc Size: 900KB - Virtual size: 899KB

.reloc Size: 656KB - Virtual size: 660KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 249KB - Virtual size: 248KB

.data
Size: 99KB - Virtual size: 335KB

.didat
Size: 512B - Virtual size: 128B

.rsrc
Size: 900KB - Virtual size: 899KB

.reloc
Size: 656KB - Virtual size: 660KB