224f919a3bd9d19e8cf820d019e5fbd4752ddc65197e15d575136f63d24f6052_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

224f919a3bd9d19e8cf820d019e5fbd4752ddc65197e15d575136f63d24f6052_NeikiAnalytics.exe
Size

5.8MB
MD5

45ff48bacffe1cb34cb47493581c6780
SHA1

e13f37c5e0907300a0d054adda4c63e2f95cc113
SHA256

224f919a3bd9d19e8cf820d019e5fbd4752ddc65197e15d575136f63d24f6052
SHA512

e8e1d102b598625527247045f81133202943cf27150916d5280315a8eb97e504407d523f2af2c6b2a87ebbe366b41bf6189d9c0fbe0383eb4d6d95316444c934
SSDEEP

98304:V4ETVJ6FmGH5SdtXKgb5lcivdP1WA3BNoZqRpxQ:VrK8G4Lt5lcivdrNoZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
224f919a3bd9d19e8cf820d019e5fbd4752ddc65197e15d575136f63d24f6052_NeikiAnalytics.exe

Files

224f919a3bd9d19e8cf820d019e5fbd4752ddc65197e15d575136f63d24f6052_NeikiAnalytics.exe
.dll windows:5 windows x64 arch:x64

5204b5bec3f8a2786659164740139c87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetFileAttributesExW
OutputDebugStringW
SetEvent
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
GetNativeSystemInfo
LoadLibraryW
ResetEvent
GetCurrentDirectoryW
GetOverlappedResult
GetProcAddress
ReplaceFileW
DeleteCriticalSection
ExitProcess
GetComputerNameW
FreeLibrary
CopyFileW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
GlobalSize
GlobalAlloc
GlobalLock
GetCurrentProcessId
GlobalUnlock
LoadLibraryA
GetPriorityClass
HeapSize
WriteConsoleW
SetStdHandle
GetCommandLineA
SetEnvironmentVariableA
FreeEnvironmentStringsW
FormatMessageW
GetProcessHeap
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetOEMCP
IsValidCodePage
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapFree
HeapReAlloc
HeapAlloc
GetACP
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
InterlockedFlushSList
LoadLibraryExW
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
Sleep
CreateEventW
GetLogicalDriveStringsW
GetEnvironmentStringsW
GetCurrentThreadId
GetCurrentThread
GetThreadPriority
CreateDirectoryW
SetThreadAffinityMask
ReadFile
TryEnterCriticalSection
GetVolumeInformationW
CancelIo
FindFirstFileW
SetPriorityClass
EnterCriticalSection
FindNextFileW
GetCurrentProcess
WriteFile
GetModuleHandleExW
TerminateProcess
RemoveDirectoryW
GetModuleFileNameW
WaitForMultipleObjects
SetThreadPriority
LeaveCriticalSection
InitializeCriticalSection
DisconnectNamedPipe
GetModuleHandleA
UnmapViewOfFile
GetSystemDirectoryW
ReleaseMutex
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
SetFilePointer

user32

SetWindowsHookExA
GetClassNameA
GetSystemMetrics
CallNextHookEx
PostMessageA
SetWindowPos
GetWindowRect
AttachThreadInput
GetWindowThreadProcessId
GetWindowTextW
TranslateMessage
SetFocus
EnumWindows
PeekMessageW
DispatchMessageW
RegisterClassExW
GetWindowLongPtrW
UnregisterClassW
CreateWindowExW
SetWindowLongPtrW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetMessageW
UnhookWindowsHookEx
BeginPaint
IsWindow
ReleaseDC
SetCursorPos
InvalidateRect
SetForegroundWindow
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetCapture
DestroyCaret
LoadCursorW
FindWindowW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
GetForegroundWindow
TrackMouseEvent
EndPaint
GetAncestor
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
ShowWindow
GetActiveWindow
SetCaretPos
GetKeyboardState
DestroyCursor
GetWindowPlacement
WindowFromPoint
MessageBeep
SetWindowTextW
EndDialog
SendMessageW
ScreenToClient
GetIconInfo
EnumDisplayMonitors
EnumChildWindows
MessageBoxW
IsWindowVisible
GetDC
MapVirtualKeyW
GetMessagePos
GetUpdateRgn
GetAsyncKeyState
OpenClipboard
GetCapture
RedrawWindow
DestroyIcon
GetWindowInfo
GetMessageExtraInfo
GetSystemMenu
GetWindowLongW
GetCursorPos

gdi32

ChoosePixelFormat
SwapBuffers
SetPixelFormat
AddFontMemResourceEx
GetKerningPairsW
EnumFontFamiliesExW
GetTextMetricsW
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
RemoveFontMemResourceEx
CreateFontIndirectW
GetOutlineTextMetricsW
SaveDC
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchDIBits
CreateRectRgnIndirect
GetDeviceCaps
CreateRectRgn
DeleteDC
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
DeleteObject
SetMapMode
CreateBitmap
CombineRgn

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

SystemFunction036
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
SHGetMalloc
ExtractAssociatedIconW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW

ole32

CoTaskMemFree
PropVariantClear
RegisterDragDrop
DoDragDrop
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
RevokeDragDrop

wininet

InternetReadFile
InternetSetOptionW
InternetConnectW
InternetCloseHandle
FtpOpenFileW
HttpEndRequestW
InternetCrackUrlW
InternetSetFilePointer
HttpQueryInfoW
InternetWriteFile
HttpOpenRequestW
HttpSendRequestExW
InternetOpenW

ws2_32

send
inet_ntoa
recv
getsockopt
htonl
htons
freeaddrinfo
sendto
ioctlsocket
setsockopt
inet_addr
WSAStartup
getaddrinfo
select
closesocket
accept
__WSAFDIsSet
bind

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathStripToRootW

winmm

midiOutPrepareHeader
midiOutGetDevCapsW
midiInOpen
midiOutOpen
timeBeginPeriod
timeGetTime
timeKillEvent
midiInReset
midiInPrepareHeader
midiOutUnprepareHeader
midiInGetDevCapsW
midiInClose
midiInAddBuffer
midiInGetNumDevs
midiInStart
midiOutShortMsg
midiOutGetNumDevs
midiOutLongMsg
midiOutClose
midiInStop
midiInUnprepareHeader

imm32

ImmNotifyIME
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow

opengl32

glEnable
glGenTextures
glBindTexture
wglGetCurrentContext
wglShareLists
glClear
glViewport
glScissor
glBlendFunc
glReadPixels
wglCreateContext
wglGetProcAddress
glTexParameteri
glDeleteTextures
glClearColor
glGetBooleanv
glDrawArrays
wglDeleteContext
glTexImage2D
glDrawElements
glDisable
wglMakeCurrent
glPixelStorei
glGetString
glGetError
glGetIntegerv

Exports

Exports

VSTPluginMain

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5204b5bec3f8a2786659164740139c87

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

wininet

ws2_32

version

shlwapi

winmm

imm32

opengl32

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 2.6MB - Virtual size: 2.6MB

.data Size: 60KB - Virtual size: 69KB

.pdata Size: 155KB - Virtual size: 155KB

.gfids Size: 1024B - Virtual size: 788B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 1024B - Virtual size: 816B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 40KB - Virtual size: 40KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 60KB - Virtual size: 69KB

.pdata
Size: 155KB - Virtual size: 155KB

.gfids
Size: 1024B - Virtual size: 788B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 1024B - Virtual size: 816B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 40KB - Virtual size: 40KB