b9485b9250de79cb01cb7f54d785aee653a4d6e35c29861ff3fa48fefffccdf9_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b9485b9250de79cb01cb7f54d785aee653a4d6e35c29861ff3fa48fefffccdf9_NeikiAnalytics.exe
Size

1.4MB
MD5

6f24179c24aa1b25cb281a583afd03d0
SHA1

8ad957cccc5926f327632b35cdf7a5a9de45c874
SHA256

b9485b9250de79cb01cb7f54d785aee653a4d6e35c29861ff3fa48fefffccdf9
SHA512

c1211c1bced766b1ff1cd48a8f09af898784cc2f656ee3c6d5c8fe1448e90f9bdbd4f0bacb2e8a4e3e78a4773dc63d78abf9117c991d2d71bee1d86cb3a1f0bf
SSDEEP

12288:AjNlhbbXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3kbE:khHsqjnhMgeiCl7G0nehbGZpbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9485b9250de79cb01cb7f54d785aee653a4d6e35c29861ff3fa48fefffccdf9_NeikiAnalytics.exe

Files

b9485b9250de79cb01cb7f54d785aee653a4d6e35c29861ff3fa48fefffccdf9_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

7272d2071071e3dcf1f165258fa2185b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
FindFirstFileW
FindClose
GetShortPathNameW
CreatePipe
lstrcatW
GetUserDefaultLangID
LocalFree
CreateMutexW
GetLastError
GetFileSize
ReadFile
GetSystemDirectoryW
lstrlenW
LocalAlloc
GetModuleFileNameW
GetVersionExW
GetModuleHandleW
GetSystemInfo
lstrcmpiW
FreeLibrary
LoadLibraryW
GetProcAddress
Sleep
CreateProcessW
CreateFileW
CloseHandle
GetStartupInfoW

user32

EnableWindow
GetWindowTextW
GetClassNameW
GetWindow
SendMessageW
PostMessageW
wsprintfW
GetSystemMetrics
SetWindowPos
GetWindowTextLengthW
GetWindowRect
SetWindowTextW
SetTimer
KillTimer
LoadIconW

gdi32

SelectObject
GetTextExtentPoint32W

advapi32

GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
CryptAcquireContextW
CryptReleaseContext
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?length@?$char_traits@D@std@@SAIPBD@Z

ftuikit_u

?GetClass@CTextUI@DuiLib@@UBEPBGXZ
?GetInterface@CTextUI@DuiLib@@UAEPAXPBG@Z
?GetControlFlags@CTextUI@DuiLib@@UBEIXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?GetText@CLabelUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetBkImage@CControlUI@DuiLib@@QAEXPBG@Z
??0CLabelUI@DuiLib@@QAE@XZ
?SetTextColor@CLabelUI@DuiLib@@QAEXK@Z
?SetFont@CLabelUI@DuiLib@@QAEXH@Z
??0CTextUI@DuiLib@@QAE@XZ
?GetFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@H@Z
?GetPaintDC@CPaintManagerUI@DuiLib@@QBEPAUHDC__@@XZ
?GetLength@CDuiString@DuiLib@@QBEHXZ
?Mid@CDuiString@DuiLib@@QBE?AV12@HH@Z
?Find@CDuiString@DuiLib@@QBEHPBGH@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPBG@Z
?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPBG_N@Z
??0CNotifyPump@DuiLib@@QAE@XZ
?GetResourceType@WindowImplBase@DuiLib@@UBE?AW4UILIB_RESOURCETYPE@2@XZ
?GetZIPFileName@WindowImplBase@DuiLib@@UBE?AVCDuiString@2@XZ
?HandleCustomMessage@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?FindSubControlsByClass@CPaintManagerUI@DuiLib@@QAEPAVCStdPtrArray@2@PAVCControlUI@2@PBG@Z
?GetSize@CStdPtrArray@DuiLib@@QBEHXZ
?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z
?Right@CDuiString@DuiLib@@QBE?AV12@H@Z
?SetText@CLabelUI@DuiLib@@UAEXPBG@Z
?SetVisible@CControlUI@DuiLib@@UAEX_N@Z
?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z
??1CTextUI@DuiLib@@UAE@XZ
??1CLabelUI@DuiLib@@UAE@XZ
?GetHeight@CDuiRect@DuiLib@@QBEHXZ
?GetWidth@CDuiRect@DuiLib@@QBEHXZ
??0CDuiRect@DuiLib@@QAE@HHHH@Z
??0CDuiRect@DuiLib@@QAE@XZ
?PaintText@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?EstimateSize@CButtonUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CButtonUI@DuiLib@@UAEXPBG0@Z
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetEnabled@CButtonUI@DuiLib@@UAEX_N@Z
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?GetControlFlags@CButtonUI@DuiLib@@UBEIXZ
?GetInterface@CButtonUI@DuiLib@@UAEPAXPBG@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
?GetData@CDuiString@DuiLib@@QBEPBGXZ
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBGKKHHHHPAUHMENU__@@@Z
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?ShowModal@CWindowWnd@DuiLib@@QAEIXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
??4CDuiString@DuiLib@@QAEABV01@PBG@Z
??1CButtonUI@DuiLib@@UAE@XZ
??0CButtonUI@DuiLib@@QAE@XZ
?SetBorderRound@CControlUI@DuiLib@@QAEXUtagSIZE@@@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PBG@Z
?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z
??1CDuiString@DuiLib@@QAE@XZ
??8CDuiString@DuiLib@@QBE_NPBG@Z
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
??BCDuiString@DuiLib@@QBEPBGXZ
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?SetValue@CProgressUI@DuiLib@@QAEXH@Z
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPaint@CListLabelElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CListTextElementUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CListElementUI@DuiLib@@UAEXPBG0@Z
?DoEvent@CListTextElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?Init@CControlUI@DuiLib@@UAEXXZ
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetEnabled@CListElementUI@DuiLib@@UAEX_N@Z
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z
?SetVisible@CListElementUI@DuiLib@@UAEX_N@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?SetUserData@CControlUI@DuiLib@@UAEXPBG@Z
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ
?SetShortcut@CControlUI@DuiLib@@UAEXG@Z
?GetShortcut@CControlUI@DuiLib@@UBEGXZ
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?SetToolTip@CControlUI@DuiLib@@UAEXPBG@Z
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?IsRelativePos@CControlUI@DuiLib@@UBE_NXZ
?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagTRelativePosUI@2@XZ
?SetRelativeParentSize@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?SetRelativePos@CControlUI@DuiLib@@UAEXUtagSIZE@@0@Z
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?GetX@CControlUI@DuiLib@@UBEHXZ
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?SetText@CControlUI@DuiLib@@UAEXPBG@Z
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?Activate@CListElementUI@DuiLib@@UAE_NXZ
?GetControlFlags@CListTextElementUI@DuiLib@@UBEIXZ
?GetInterface@CListTextElementUI@DuiLib@@UAEPAXPBG@Z
?GetClass@CListTextElementUI@DuiLib@@UBEPBGXZ
?SetName@CControlUI@DuiLib@@UAEXPBG@Z
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
??0CListTextElementUI@DuiLib@@QAE@XZ
??1CListTextElementUI@DuiLib@@UAE@XZ
?GetInstance@CPaintManagerUI@DuiLib@@SAPAUHINSTANCE__@@XZ
??HCDuiString@DuiLib@@QBE?AV01@PBG@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PBG@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?DoEvent@CTextUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetResourceID@WindowImplBase@DuiLib@@UBEPBGXZ
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?InitWindow@WindowImplBase@DuiLib@@UAEXXZ
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPBGXZ
??1WindowImplBase@DuiLib@@UAE@XZ
??1CNotifyPump@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@PBGH@Z
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??0CPaintManagerUI@DuiLib@@QAE@XZ
??_7CNotifyPump@DuiLib@@6B@
??0CStdStringPtrMap@DuiLib@@QAE@H@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??1CStdStringPtrMap@DuiLib@@QAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
?PaintText@CLabelUI@DuiLib@@UAEXPAUHDC__@@@Z
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?GetControlFlags@CControlUI@DuiLib@@UBEIXZ
?GetInterface@CLabelUI@DuiLib@@UAEPAXPBG@Z
?GetClass@CLabelUI@DuiLib@@UBEPBGXZ
?PaintText@CTextUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CTextUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CLabelUI@DuiLib@@UAEXPBG0@Z
?GetClass@CButtonUI@DuiLib@@UBEPBGXZ

crypt32

CertFreeCertificateContext
CertFindCertificateInStore
CertCreateCertificateContext
CertOpenStore
CertCloseStore
CertGetIntendedKeyUsage
CryptDecodeObject
CertFindExtension
CryptVerifyCertificateSignature

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

PathFileExistsW

msvcrt

??1exception@@UAE@XZ
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_onexit
__dllonexit
fgets
strstr
wcstol
_purecall
time
localtime
sprintf
fputs
_wtol
fwrite
fseek
__CxxFrameHandler
_beginthreadex
??2@YAPAXI@Z
wcslen
wcscat
memmove
ftell
??0exception@@QAE@ABV0@@Z
strncpy
??0exception@@QAE@XZ
_CxxThrowException
isprint
printf
swprintf
wcscpy
free
malloc
fclose
fopen

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7272d2071071e3dcf1f165258fa2185b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcp60

ftuikit_u

crypt32

version

shlwapi

msvcrt

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 84KB - Virtual size: 88KB

.rsrc Size: 1.2MB - Virtual size: 1.8MB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 84KB - Virtual size: 88KB

.rsrc
Size: 1.2MB - Virtual size: 1.8MB