43818787da49ed117d67d224a3dbcbb49c4d6d81393b07a26b6b13b639d574aa_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

43818787da49ed117d67d224a3dbcbb49c4d6d81393b07a26b6b13b639d574aa_NeikiAnalytics.exe
Size

696KB
MD5

3ef35532e4412c14f289d082cad25360
SHA1

3275352a006a7fd2e3f56d54c6d56718acea07ff
SHA256

43818787da49ed117d67d224a3dbcbb49c4d6d81393b07a26b6b13b639d574aa
SHA512

c72e998b66c46ead7fb92f8288bb9ceec7dd5313f549f52c06b0167839e64f76f93991419bd2e35f75568b2c5f74fdd5f2c6aab0e7b75e17e7957cc805dfd4b0
SSDEEP

12288:wzevftfN8/tSYBVz+A2kp9ahIl2Sv2L+0Dmh5jeJwAjuShYT:I+381SWJ/I+0geJbqShYT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43818787da49ed117d67d224a3dbcbb49c4d6d81393b07a26b6b13b639d574aa_NeikiAnalytics.exe

Files

43818787da49ed117d67d224a3dbcbb49c4d6d81393b07a26b6b13b639d574aa_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

2bf6cad0d25bd722d035c76750237ebc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\workarea\8.551\drivers\2d\dal\extevents\polling\build\lh\B_rel\ati2evxx.pdb

Imports

kernel32

DisconnectNamedPipe
FlushFileBuffers
ConnectNamedPipe
CreateNamedPipeA
GetTickCount
LocalFree
LocalAlloc
OpenFile
GetLocalTime
Beep
GetPrivateProfileStringA
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
IsValidCodePage
IsValidLocale
ReadFile
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetModuleHandleW
InitializeCriticalSection
InterlockedExchange
CreateProcessA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetOEMCP
GetSystemDirectoryA
EnumSystemLocalesA
OpenProcess
GetACP
GetCPInfo
HeapSize
HeapReAlloc
SetLastError
SetThreadPriority
ExitThread
TerminateThread
GetCurrentProcess
WideCharToMultiByte
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteFileA
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleA
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
RaiseException
RtlUnwind
GetCurrentThread
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCurrentProcessId
CreateSemaphoreA
InterlockedDecrement
InterlockedIncrement
PulseEvent
ReleaseSemaphore
DeviceIoControl
GetVersionExA
GetSystemPowerStatus
CreateThread
GetModuleFileNameA
GetExitCodeProcess
TerminateProcess
GetSystemTime
CreateFileA
SetFilePointer
WriteFile
ExitProcess
OpenMutexA
ReleaseMutex
OutputDebugStringA
CreateMutexA
CallNamedPipeA
GetProcAddress
FreeLibrary
LoadLibraryA
OpenEventA
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateEventA
CloseHandle
ResetEvent
Sleep
GetLastError
SetConsoleCtrlHandler
GetCurrentThreadId

user32

GetMessageA
UnregisterDeviceNotification
RegisterDeviceNotificationA
EnumDisplaySettingsA
KillTimer
SetTimer
SetCursor
SendInput
EnumWindows
SendMessageA
GetPropA
RegisterWindowMessageA
RegisterHotKey
UnregisterHotKey
GetForegroundWindow
GetDesktopWindow
GetWindowThreadProcessId
BroadcastSystemMessageA
ExitWindowsEx
LoadCursorA
OpenDesktopA
CloseDesktop
SendNotifyMessageA
MsgWaitForMultipleObjects
GetCursorPos
MonitorFromPoint
GetMonitorInfoA
SystemParametersInfoA
DispatchMessageA
TranslateMessage
IsWindow
DestroyWindow
DefWindowProcA
PostMessageA
FindWindowA
RegisterClassA
CreateWindowExA
ShowWindow
MessageBoxA
EnumDisplayDevicesA
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
EnumDisplaySettingsExA
GetSystemMetrics
SetWindowPos
GetCursor

gdi32

DeleteDC
CreateDCA

ole32

CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

userenv

LoadUserProfileA
GetUserProfileDirectoryW
UnloadUserProfile

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

setupapi

SetupDiGetHwProfileList
CM_Get_Parent
CM_Get_Device_ID_ExA
CM_Get_DevNode_Registry_PropertyA
SetupDiOpenDevRegKey
SetupDiGetClassDevsA
SetupDiGetDeviceInfoListDetailA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
CM_Reenumerate_DevNode
SetupDiGetDeviceInstanceIdA

advapi32

SetThreadToken
AllocateAndInitializeSid
SetSecurityDescriptorOwner
InitializeAcl
AddAccessAllowedAce
RegCreateKeyExA
FreeSid
RegOpenCurrentUser
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegisterServiceCtrlHandlerExA
DeleteService
CreateServiceA
RegCreateKeyA
CreateProcessAsUserA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
StartServiceA
RegSetValueExA
QueryServiceStatus
ImpersonateLoggedOnUser
RevertToSelf
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenThreadToken
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
GetLengthSid
OpenProcessToken
CheckTokenMembership
AdjustTokenPrivileges
LookupPrivilegeValueA
GetUserNameA
RegEnumValueA

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bf6cad0d25bd722d035c76750237ebc

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

oleaut32

userenv

psapi

setupapi

advapi32

Sections

.text Size: 520KB - Virtual size: 519KB

.rdata Size: 160KB - Virtual size: 156KB

.data Size: 8KB - Virtual size: 33KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 520KB - Virtual size: 519KB

.rdata
Size: 160KB - Virtual size: 156KB

.data
Size: 8KB - Virtual size: 33KB

.rsrc
Size: 4KB - Virtual size: 2KB