Static task
static1
Behavioral task
behavioral1
Sample
b3d972e338aa984f2c70e084ba01edaf7d18187ed6cd7a4ab43318db00e9eb83_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
b3d972e338aa984f2c70e084ba01edaf7d18187ed6cd7a4ab43318db00e9eb83_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
b3d972e338aa984f2c70e084ba01edaf7d18187ed6cd7a4ab43318db00e9eb83_NeikiAnalytics.exe
-
Size
1.5MB
-
MD5
3fdd438dda67188f6ba7b7f9fc5d9ea0
-
SHA1
e6b1a3ec51937313744e72dfcc024b40b66c0621
-
SHA256
b3d972e338aa984f2c70e084ba01edaf7d18187ed6cd7a4ab43318db00e9eb83
-
SHA512
b4119c809b73226ee71e7a4b1743acbc31c21d26ead44d3c8329cd181d9706b01e1ad70d5158a4e490dd545c13cd2cc1db9c3a9372ecf9ae3709927c02c31d90
-
SSDEEP
24576:W/NH+zRHRP59JM5XI7msDxJZGildG5wvrz7:ZRxnuNIisFJWevP7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource b3d972e338aa984f2c70e084ba01edaf7d18187ed6cd7a4ab43318db00e9eb83_NeikiAnalytics.exe
Files
-
b3d972e338aa984f2c70e084ba01edaf7d18187ed6cd7a4ab43318db00e9eb83_NeikiAnalytics.exe.exe windows:5 windows x86 arch:x86
31ac0c8c1f936541055f215c06ff8c0d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_SetDragCursorImage
ImageList_BeginDrag
ord17
ImageList_Add
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ord6
ord16
ImageList_DragLeave
kernel32
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
ExpandEnvironmentStringsA
OutputDebugStringA
GetStdHandle
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetUserDefaultLCID
GetACP
FindNextFileA
DuplicateHandle
CreateProcessA
CreateThread
ResumeThread
SetNamedPipeHandleState
PeekNamedPipe
CreatePipe
WriteFile
ReadFile
TerminateProcess
WaitForSingleObject
SetLastError
MultiByteToWideChar
GetCurrentThreadId
GetVersionExA
SetErrorMode
GetCommandLineA
LoadLibraryA
FreeLibrary
WideCharToMultiByte
LocalFree
LocalAlloc
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalLock
GlobalUnlock
GetExitCodeProcess
GetModuleFileNameA
GetCurrentProcess
GlobalAlloc
GlobalFree
FormatMessageA
CreateFileA
CloseHandle
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSize
GetTempPathA
FindClose
FindFirstFileA
GetFileTime
GetTempFileNameA
GetFileType
GetFileAttributesA
CopyFileA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetTimeZoneInformation
GetLocaleInfoA
GetThreadLocale
GetEnvironmentVariableA
GetCurrentProcessId
Sleep
GetCPInfo
IsValidCodePage
GetModuleHandleA
SetEnvironmentVariableA
user32
GetIconInfo
SetWindowPos
SetFocus
EnableWindow
ShowWindow
SetCapture
ReleaseCapture
SetCursorPos
GetScrollInfo
SetScrollInfo
ScrollWindow
GetParent
WindowFromPoint
GetCursorPos
SetParent
RedrawWindow
GetForegroundWindow
SetForegroundWindow
IsWindow
InvalidateRect
SetCursor
SendMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
PeekMessageA
ReleaseDC
GetDC
VkKeyScanA
GetAsyncKeyState
GetSystemMetrics
GetKeyState
GetWindowRect
GetClientRect
FillRect
GetWindowLongA
DdePostAdvise
DdeConnect
DdeNameService
DdeCreateStringHandleA
DdeClientTransaction
DdeDisconnect
DdeInitializeA
DdeGetLastError
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeUninitialize
DdeQueryStringA
DdeFreeStringHandle
PostThreadMessageA
WaitForInputIdle
MessageBeep
KillTimer
SetTimer
ShowCursor
SetClipboardData
RegisterClipboardFormatA
EnumDisplaySettingsA
ChangeDisplaySettingsA
DrawStateA
DrawEdge
GetMessagePos
MapWindowPoints
GetMenuStringA
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
ChildWindowFromPoint
OffsetRect
DrawFocusRect
CopyRect
UnionRect
CreateIconIndirect
GetWindowDC
TranslateAcceleratorA
CreateAcceleratorTableA
DestroyAcceleratorTable
DrawIconEx
DrawFrameControl
GetWindowTextA
GetClassNameA
DestroyCursor
ValidateRect
GetMessageA
LoadImageA
SetWindowLongA
LoadBitmapA
LoadIconA
DrawTextA
GetWindowTextLengthA
HideCaret
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
keybd_event
LoadCursorA
MessageBoxA
DestroyIcon
InsertMenuItemA
GetSubMenu
CreateMenu
AppendMenuA
InsertMenuA
RemoveMenu
DestroyMenu
CreatePopupMenu
SetMenuItemInfoA
ModifyMenuA
CheckMenuRadioItem
CheckMenuItem
GetMenuState
GetUpdateRect
BeginPaint
DrawIcon
EndPaint
SetMenu
PostMessageA
GetDlgItem
CreateDialogParamA
CreateDialogIndirectParamA
RegisterClassA
UnregisterClassA
FlashWindow
SetWindowRgn
GetMenu
AdjustWindowRectEx
GetSystemMenu
EnableMenuItem
DrawMenuBar
GetDesktopWindow
IsIconic
IsZoomed
BringWindowToTop
InflateRect
GetUpdateRgn
GetSysColor
CreateWindowExA
IsDialogMessageA
TrackPopupMenu
PtInRect
GetCapture
DestroyWindow
UnregisterHotKey
RegisterHotKey
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetActiveWindow
GetMenuItemCount
GetMenuItemInfoA
SystemParametersInfoA
GetMessageTime
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
SetWindowTextA
GetFocus
IsWindowEnabled
IsWindowVisible
CallWindowProcA
DefWindowProcA
DeferWindowPos
MoveWindow
ClientToScreen
ScreenToClient
UpdateWindow
gdi32
GetSystemPaletteEntries
DeleteEnhMetaFile
CopyEnhMetaFileA
GetEnhMetaFileA
CreateDCA
StartDocA
EndPage
StartPage
EndDoc
SetAbortProc
EnumFontFamiliesExA
GetDIBColorTable
CreateDIBitmap
GetDIBits
CreateDIBSection
CreateICA
PatBlt
CreatePen
ExtCreatePen
CreateBitmap
CreatePatternBrush
CreateHatchBrush
SaveDC
RestoreDC
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
PtInRegion
EqualRgn
GetRgnBox
StretchDIBits
StretchBlt
MaskBlt
BitBlt
CreateCompatibleBitmap
SetBrushOrgEx
Ellipse
RoundRect
Rectangle
PolyPolygon
SetPolyFillMode
Polygon
Pie
Arc
CreateSolidBrush
GetTextColor
GetBkColor
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
GetTextExtentExPointA
GetCharABCWidthsA
SetROP2
TextOutA
PolyBezier
Polyline
SetPixel
GetPixel
ExtFloodFill
ExtSelectClipRgn
GetClipBox
SetStretchBltMode
DeleteDC
CreateCompatibleDC
MoveToEx
LineTo
GetStockObject
GetObjectA
SetTextAlign
RectInRegion
CreateRectRgnIndirect
CombineRgn
SelectClipRgn
SetBkMode
SetTextColor
SetBkColor
GetDeviceCaps
DeleteObject
CreateFontIndirectA
GetRegionData
ExtCreateRegion
OffsetRgn
ExcludeClipRect
CreateRectRgn
GetTextExtentPoint32A
SelectPalette
RealizePalette
GdiFlush
SelectObject
GetTextMetricsA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
PageSetupDlgA
PrintDlgA
ChooseFontA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
advapi32
RegCloseKey
RegOpenKeyExA
RegCreateKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
ExtractIconA
DragQueryFileA
DragQueryPoint
DragFinish
DragAcceptFiles
SHBrowseForFolderA
ExtractIconExA
ole32
OleUninitialize
OleInitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleGetClipboard
CoCreateInstance
msvcp100
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_BADOFF@std@@3_JB
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
?_Id_cnt@id@locale@std@@0HA
?id@?$codecvt@DDH@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
msvcr100
printf
_purecall
memset
memcpy
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
vsprintf
??_V@YAXPAX@Z
free
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
memmove
isalnum
fgetc
fputc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
fclose
_putenv
_stricmp
strncpy
toupper
strchr
malloc
calloc
sscanf
strncmp
tolower
feof
ferror
_strdup
atoi
_CIsqrt
_CIsin
_CIcos
atol
floor
_strnicmp
_time64
strftime
strstr
sprintf
isspace
isalpha
isdigit
memchr
qsort
_errno
realloc
strtol
strtoul
strtod
_vsprintf_p
abort
__iob_func
fputs
exit
_open_osfhandle
?_open@@YAHPBDHH@Z
_fdopen
getenv
_get_osfhandle
_fileno
remove
_mkdir
_getcwd
rename
_gmtime64
_localtime64
_mktime64
setlocale
_access
_close
_read
_write
_lseeki64
_telli64
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
fopen
fread
_controlfp_s
_ftelli64
clearerr
_ftime64
bsearch
fprintf
atof
isxdigit
isupper
ispunct
isprint
islower
isgraph
iscntrl
_wassert
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_strupr
_get_pgmptr
fseek
fgets
ftell
_CIpow
_hypot
_CIatan2
_CIlog
_CItan
_initterm
_acmdln
_ismbblead
_CIatan
_CIexp
vprintf
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
__CxxFrameHandler3
Sections
.text Size: 1024KB - Virtual size: 1023KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 367KB - Virtual size: 367KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ