b4e309bb455e4df9da0cede93af3419d7d99d1c4ca215890f07f58bce0e27283_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b4e309bb455e4df9da0cede93af3419d7d99d1c4ca215890f07f58bce0e27283_NeikiAnalytics.exe
Size

2.3MB
MD5

338f29dc7786b037105c72c7c683dbd0
SHA1

71cdaaa09d8bf706e1b4fb9dc00f4143d36e3b44
SHA256

b4e309bb455e4df9da0cede93af3419d7d99d1c4ca215890f07f58bce0e27283
SHA512

46ad65001b7e81f9c5a0e6a3b4e7d1f4d697e8b65d0e77806fd1bda17ff0f56155a91e05e9dad1f7d4f3e3f7f4710cd7f83c6e5ffdf044d488f87185ddc23890
SSDEEP

49152:Y6S0JYDvnVtFi0MkS6RPgpqfIcomvzfF:D05SYomvZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4e309bb455e4df9da0cede93af3419d7d99d1c4ca215890f07f58bce0e27283_NeikiAnalytics.exe

Files

b4e309bb455e4df9da0cede93af3419d7d99d1c4ca215890f07f58bce0e27283_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

4f34a27ca0bc242e7dfe18c8c332c55e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

client.pdb

Imports

bcryptprimitives

ProcessPrng

kernel32

WriteConsoleW
FormatMessageW
GetFileType
FindFirstFileW
CreateDirectoryW
GetFileInformationByHandleEx
GetFileInformationByHandle
CreateFileW
FindClose
HeapAlloc
GetProcessHeap
ReleaseMutex
lstrlenW
HeapReAlloc
HeapFree
GetSystemTimePreciseAsFileTime
TerminateProcess
SetHandleInformation
GetFullPathNameW
GetStdHandle
GetCurrentProcess
SetFileInformationByHandle
CreateMutexA
GetEnvironmentVariableW
GetCurrentDirectoryW
SetLastError
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
SwitchToThread
SetThreadStackGuarantee
AddVectoredExceptionHandler
GetLastError
LocalFree
GetCurrentThread
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetConsoleOutputCP
GetConsoleOutputCP
AttachConsole
AllocConsole
WideCharToMultiByte
MultiByteToWideChar
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcessId
WaitForSingleObjectEx
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FreeLibrary
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
SetConsoleMode
GetConsoleMode
IsDebuggerPresent
CloseHandle

ws2_32

WSAStartup
WSACleanup
closesocket
freeaddrinfo
WSAGetLastError
recv
send
WSASocketW
getaddrinfo
connect

gdi32

CreateBitmap
CreateDIBSection
DeleteObject

user32

WindowFromPoint
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageA
PostMessageA
DefWindowProcW
PostQuitMessage
RegisterClassW
UnregisterClassW
CreateWindowExW
DestroyWindow
ShowWindow
SetWindowPos
IsIconic
GetKeyState
GetAsyncKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetSystemMetrics
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoA
MonitorFromWindow
MonitorFromPoint
CreateIconIndirect
LoadImageW
DestroyIcon
LoadIconA
LoadCursorW
LoadCursorA
SetWindowLongPtrA
PtInRect
ClipCursor
GetDC
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
ShowCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
ReleaseDC
TrackMouseEvent

shell32

DragAcceptFiles
DragQueryFileW
DragFinish

d3d11

D3D11CreateDeviceAndSwapChain

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

api-ms-win-core-synch-l1-2-0

WakeByAddressSingle
WaitOnAddress
WakeByAddressAll

ntdll

NtReadFile
NtWriteFile
RtlNtStatusToDosError

steam_api64

SteamAPI_ManualDispatch_Init
SteamInternal_SteamAPI_Init
SteamAPI_Shutdown
SteamAPI_ISteamNetworkingSockets_CloseListenSocket
SteamAPI_ISteamNetworkingSockets_CloseConnection
SteamAPI_ISteamUser_GetSteamID
SteamAPI_SteamUser_v023
SteamAPI_ISteamFriends_GetPersonaName
SteamAPI_SteamFriends_v017

sdl2

SDL_free
SDL_SetHint
SDL_GameControllerClose
SDL_QuitSubSystem
SDL_Quit
SDL_GameControllerName
SDL_Init
SDL_InitSubSystem
SDL_IsGameController
SDL_NumJoysticks
SDL_GameControllerOpen
SDL_GetError
SDL_WaitEvent

vcruntime140

__CxxFrameHandler3
memcpy
memset
memmove
memcmp
__current_exception_context
_CxxThrowException
__C_specific_handler
__current_exception

api-ms-win-crt-math-l1-1-0

roundf
ceil
trunc
exp
floor
sqrt
cos
atan2f
__setusermatherr
fmodf

api-ms-win-crt-string-l1-1-0

strncpy_s
strlen

api-ms-win-crt-runtime-l1-1-0

abort
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
terminate
_configure_narrow_argv
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_crt_atexit
__p___argc
__p___argv
_cexit
_c_exit
_initialize_narrow_environment
_set_abort_behavior
_register_onexit_function
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__stdio_common_vfprintf
fputs
__acrt_iob_func
__p__commode
freopen_s

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f34a27ca0bc242e7dfe18c8c332c55e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcryptprimitives

kernel32

ws2_32

gdi32

user32

shell32

d3d11

ole32

api-ms-win-core-synch-l1-2-0

ntdll

steam_api64

sdl2

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 508KB - Virtual size: 508KB

.data Size: 4KB - Virtual size: 54KB

.pdata Size: 62KB - Virtual size: 62KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 508KB - Virtual size: 508KB

.data
Size: 4KB - Virtual size: 54KB

.pdata
Size: 62KB - Virtual size: 62KB

.reloc
Size: 10KB - Virtual size: 10KB