121af4c272bee035ab01023ccb5f29916755d157dcd8e73ba4733f79afdea83d_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

121af4c272bee035ab01023ccb5f29916755d157dcd8e73ba4733f79afdea83d_NeikiAnalytics.exe
Size

2.0MB
MD5

08232588981f1c785a30e965fa1cb450
SHA1

6210d877cb77239b994fd2b426976fc7fda6db39
SHA256

121af4c272bee035ab01023ccb5f29916755d157dcd8e73ba4733f79afdea83d
SHA512

71517cd64871d4f61c2b0c054a5acb2570e0f34b800e89acc11d9d397060b38377782318c3f5eef508a24c4f16a841fcf7ff66d44b51487cfca9481e34616ee0
SSDEEP

49152:57DdfrRlp2w0ODD7teu1P6hQi3oN4Sr1Gt+0f:VDlrMwZDD7tMNSr1gf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
121af4c272bee035ab01023ccb5f29916755d157dcd8e73ba4733f79afdea83d_NeikiAnalytics.exe

Files

121af4c272bee035ab01023ccb5f29916755d157dcd8e73ba4733f79afdea83d_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

0f3aa4f53ef3e1fbfe68e04fd1593edc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\DCB\CBT_Main\BuildResults\bin\Release\plug_ins\Multimedia.pdb

Imports

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
GetDriveTypeA
GetComputerNameA
LoadLibraryA
LoadLibraryExA
GetModuleFileNameA
FreeLibrary
LoadLibraryW
OutputDebugStringA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
GetLastError
OutputDebugStringW
lstrcpynA
lstrcpyA
lstrcatA
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
FindAtomW
DeleteCriticalSection
InitializeCriticalSectionEx
GetTickCount
FindResourceA
SizeofResource
LockResource
LoadResource
FreeResource
lstrlenA

user32

SetPropW
DefWindowProcA
RegisterClassA
UnregisterClassA
CreateWindowExA
DestroyWindow
LoadImageA
AdjustWindowRectEx
GetDesktopWindow
RemovePropA
EnumDisplayMonitors
wsprintfA
GetSystemMetrics
IsWindowEnabled
GetParent
GetClientRect
SetWindowPos
SetFocus
GetDC
GetFocus
ReleaseDC
BeginPaint
GetWindowRect
ClientToScreen
EndPaint
SetPropA
GetPropA
MoveWindow
GetSysColor
GetMonitorInfoA
EnableWindow
FindWindowA
GetPropW

gdi32

DeleteObject
GetDeviceCaps
CreateDCA
CreateCompatibleDC
BitBlt
CreateSolidBrush
SelectObject
CreateDIBSection
GetDIBColorTable
GetObjectA
GetClipBox
GetStockObject
PatBlt
DeleteDC
GetCharWidthA
CreateFontIndirectA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

vcruntime140

strrchr
memchr
__std_exception_destroy
memcmp
strchr
memmove
__RTtypeid
__CxxFrameHandler3
__std_type_info_compare
_CxxThrowException
_except_handler4_common
__std_exception_copy
__std_type_info_destroy_list
strstr
_purecall
__std_terminate
memcpy
memset

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_errno
_invalid_parameter_noinfo
_set_invalid_parameter_handler
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_initterm_e
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_initterm

api-ms-win-crt-string-l1-1-0

strlen
strcmp
isalpha
isxdigit
isspace
iswalpha
iswcntrl
towlower
wcslen
isdigit
strncpy_s
isprint
islower
strncmp
toupper
tolower
wcsncpy
_stricmp
strpbrk
isupper
_strlwr
isalnum
strncat
_strdup

api-ms-win-crt-convert-l1-1-0

strtol
_itoa_s
_strtoui64
atoi
mbstowcs_s
atof
atol

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vsnprintf_s
_sopen_dispatch
_read
_close
__stdio_common_vsscanf
__stdio_common_vfprintf
fputc
fflush
__acrt_iob_func
_wsopen_dispatch
__stdio_common_vsprintf

api-ms-win-crt-utility-l1-1-0

labs

api-ms-win-crt-math-l1-1-0

ldexp
sin
acos
cos
_except1
modf

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
_callnewh
calloc

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

api-ms-win-crt-multibyte-l1-1-0

_mbsstr

Exports

Exports

PlugInMain

Sections

.text
Size: 957KB - Virtual size: 957KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 518KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f3aa4f53ef3e1fbfe68e04fd1593edc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

msvcp140

vcruntime140

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

Exports

Exports

Sections

.text Size: 957KB - Virtual size: 957KB

.rdata Size: 353KB - Virtual size: 352KB

.data Size: 85KB - Virtual size: 96KB

.rsrc Size: 138KB - Virtual size: 137KB

.reloc Size: 518KB - Virtual size: 520KB

.text
Size: 957KB - Virtual size: 957KB

.rdata
Size: 353KB - Virtual size: 352KB

.data
Size: 85KB - Virtual size: 96KB

.rsrc
Size: 138KB - Virtual size: 137KB

.reloc
Size: 518KB - Virtual size: 520KB