3e7200edf7904802f60bc5acbf1c56c1e7940de22112a17957460d9dd7c38d94_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3e7200edf7904802f60bc5acbf1c56c1e7940de22112a17957460d9dd7c38d94_NeikiAnalytics.exe
Size

6.6MB
MD5

b43452b886d7daa7549c907312fe95c0
SHA1

82e196b87cd8e03f9fcc6eb9a2a376fd3c83c101
SHA256

3e7200edf7904802f60bc5acbf1c56c1e7940de22112a17957460d9dd7c38d94
SHA512

d537b287aedb2dbb5bfaf91d2733227dc1a9a1588384a7ff6579cfe1e8e7e7189d002ce14e8e0b71188e58357d614005ac0b4285087b5096b489b6c708d40fed
SSDEEP

98304:7w2ehYZS5BBa80rKR2sXNQKwXNZmnZZ3v:8Jx5HQrULXNQWZ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7200edf7904802f60bc5acbf1c56c1e7940de22112a17957460d9dd7c38d94_NeikiAnalytics.exe

Files

3e7200edf7904802f60bc5acbf1c56c1e7940de22112a17957460d9dd7c38d94_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

049bd178006dd70ea65c0cbd3f0d29bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\newbspguy\newbspguy\vs-project\Release\bspguy.pdb

Imports

opengl32

glDrawArrays
glGetString
wglGetCurrentDC
glViewport
glLineWidth
glGetIntegerv
glEnable
glDisable
glDepthMask
glDepthFunc
glCullFace
glClearColor
glClear
glBlendFunc
glTexParameteri
glTexImage2D
glPixelStorei
glGenTextures
glDeleteTextures
glBindTexture
glGetError
wglGetProcAddress

kernel32

GetConsoleWindow
GetStdHandle
SetConsoleTextAttribute
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
GetLogicalDrives
GetModuleHandleW
SetThreadExecutionState
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VerSetConditionMask
GetLastError
GetModuleHandleExW
FormatMessageW
WriteConsoleW
DeviceIoControl
HeapSize
OutputDebugStringW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
SetConsoleCtrlHandler
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
GetCommandLineA
WriteFile
GetModuleFileNameW
SetThreadPriority
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
ReadFile
ExitProcess
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStringTypeW
GetCPInfo
CompareStringEx
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
SleepConditionVariableCS
InitOnceExecuteOnce
InitializeSRWLock
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
WaitForThreadpoolWorkCallbacks
GetCurrentThread
GetCommandLineW
SetEndOfFile
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
RtlPcToFileHeader
RaiseException
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
IsProcessorFeaturePresent
CloseHandle
RtlCaptureStackBackTrace
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceBeginInitialize
SetStdHandle
RtlUnwind
AreFileApisANSI
GetTempPathW
SetFileTime
LocalFree
FormatMessageA
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetFileAttributesW
SetFileInformationByHandle
InitOnceComplete

user32

GetRawInputDeviceInfoA
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterClassW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
CreateIconIndirect
LoadImageW
DestroyIcon
LoadCursorW
GetClassLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
RemovePropW
GetPropW
SetPropW
ReleaseDC
GetRawInputDeviceList
SetForegroundWindow
GetSystemMetrics
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
MapVirtualKeyW
GetKeyState
GetActiveWindow
SetFocus
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
GetIconInfo
MessageBeep
SetWindowLongPtrA
GetWindowLongPtrA
CallWindowProcA
GetMessageExtraInfo
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
ShowWindow
DisableProcessWindowsGhosting
GetDC

gdi32

CreateRectRgn
CreateBitmap
GetObjectA
SetDeviceGammaRamp
DeleteObject
SwapBuffers
SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
GetBitmapBits
GetDeviceGammaRamp
GetDeviceCaps
DeleteDC
CreateDCW
CreateDIBSection

shell32

DragFinish
DragQueryPoint
DragQueryFileW
CommandLineToArgvW
DragAcceptFiles
SHGetFileInfoW

advapi32

GetUserNameW

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetContext

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

049bd178006dd70ea65c0cbd3f0d29bc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

kernel32

user32

gdi32

shell32

advapi32

imm32

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 1.6MB - Virtual size: 1.6MB

.data Size: 158KB - Virtual size: 281KB

.pdata Size: 176KB - Virtual size: 175KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 158KB - Virtual size: 281KB

.pdata
Size: 176KB - Virtual size: 175KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 480B