157d7a2a120e94a0b8de1df9116062f0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

157d7a2a120e94a0b8de1df9116062f0_NeikiAnalytics
Size

674KB
MD5

157d7a2a120e94a0b8de1df9116062f0
SHA1

8ed71dbf1372e8c54be9b1e2bcbd5129cbbd0646
SHA256

2c141bc58a6b45a60d389269c03bfa419bd5b4ddf3c322999a6475b0d2b36b1a
SHA512

9ea0c1f203682a8843359e4f3716d30c5c73c13f660e22b1b9862ae8d435585b203cfc6bee15892e216d929864890701c27c6847fe736efaeda3df68bb245240
SSDEEP

6144:XKFHZ4xa0FWzioGCwyFjpbihFcoGVtRg+PeoGxhi3gphzSsLWoGHU9zVDp2rZd3/:AbCjwFjpOQwTdpsFDGql0xt28BTABm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
157d7a2a120e94a0b8de1df9116062f0_NeikiAnalytics

Files

157d7a2a120e94a0b8de1df9116062f0_NeikiAnalytics
.exe windows:6 windows x64 arch:x64

022b978e450d15dafac74c72ebf98145

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

https://i.imgur.com/CpDdgco.png

Imports

glew32

__glewBindBufferARB
__glewDisableVertexAttribArrayARB
__glewUniformMatrix4x3fv
__glewGenVertexArrays
__glewDeleteVertexArrays
__glewVertexAttrib3sARB
__glewBindVertexArray
__glewUniform3fv
__glewDeleteBuffers
__glewLinkProgram
__glewUniform4fv
__glewDeleteShader
__glewVertexAttrib1f
__glewVertexAttribI2i
__glewGenBuffers
__glewGetProgramInfoLog
__glewUniform4iv
__glewUniformMatrix4fv
__glewDisableVertexAttribArray
__glewVertexAttribI4i
__glewUniform1fv
__glewShaderSource
__glewDeleteProgram
__glewActiveTexture
__glewAttachShader
__glewBufferData
__glewVertexAttribI3i
__glewVertexAttribI2ui
__glewGetUniformLocation
__glewVertexAttrib4f
__glewUniform1f
__glewVertexAttribI1ui
__glewVertexAttrib3fARB
__glewVertexAttribI3ui
__glewVertexAttrib3f
__glewUniform3iv
__glewGetProgramiv
__glewUniform1ui
__glewUniform3uiv
__glewGetShaderInfoLog
__glewUniform1i
__glewUniform2fv
__glewCreateProgram
__glewVertexAttrib2f
__glewBindBuffer
__glewCreateShader
__glewGetAttribLocation
__glewCompileShader
__glewGetShaderiv
__glewGetUniformiv
__glewVertexAttribPointer
__glewUseProgram
__glewVertexAttribI1i
__glewUniform2iv
__glewEnableVertexAttribArray
__glewBlendEquationSeparate
__glewBlendEquation
__glewBlendFuncSeparate
__glewGetUniformuiv
glewInit
__glewAttachObjectARB
__glewBindFramebufferEXT
__glewBlendFuncSeparateEXT
__glewVertexAttrib4sARB
__glewUniform3ivARB
__glewUniform1ivARB
__glewUniformMatrix4x2fv
__glewUniform2uiv
__glewUniform4ivARB
__glewUniform2ivARB
__glewVertexAttrib1fARB
__glewGetUniformfv
__glewGenerateMipmap
__glewUniformMatrix2fv
__glewGenRenderbuffers
__glewBufferDataARB
__glewUniform4uiv
__glewDetachShader
__glewUniform1iv
__glewUniformMatrix3fv
__glewUniformMatrix4fvARB
glewExperimental
__glewGetUniformivARB
__glewVertexAttribI4ui
__glewBlendEquationEXT
__glewUniform2fvARB
__glewDeleteBuffersARB
__glewBindFramebuffer
__glewBindRenderbuffer
__glewUseProgramObjectARB
__glewCompileShaderARB
__glewCheckFramebufferStatusEXT
__glewUniform1fvARB
__glewGenFramebuffers
__glewFramebufferRenderbuffer
__glewDeleteFramebuffers
__glewDeleteFramebuffersEXT
__glewCheckFramebufferStatus
__glewEnableVertexAttribArrayARB
__glewRenderbufferStorage
__glewFramebufferTexture2D
glewIsSupported
__glewUniform1uiv
__glewGenerateMipmapEXT
__glewFramebufferTexture2DEXT
__glewVertexAttribPointerARB
__glewVertexAttrib4fARB
__glewCreateShaderObjectARB
__glewDeleteObjectARB
__glewUniform3fvARB
__glewUniformMatrix2x3fv
__glewVertexAttrib2sARB
__glewGenFramebuffersEXT
__glewVertexAttrib1sARB
__glewActiveTextureARB
__glewUniformMatrix3x4fv
__glewGetInfoLogARB
__glewGenBuffersARB
__glewCreateProgramObjectARB
__glewUniformMatrix2x4fv
__glewLinkProgramARB
__glewVertexAttrib2fARB
__glewGetAttribLocationARB
__glewBlendEquationSeparateEXT
__glewUniformMatrix3x2fv
__glewGetUniformLocationARB
__glewShaderSourceARB
__glewUniform4fvARB
__glewGetObjectParameterivARB
__glewUniform1iARB
__glewBindAttribLocation
__glewUniform1fARB

sdl2

SDL_free
SDL_GL_GetDrawableSize
SDL_SetHint
SDL_GetTicks
SDL_SetWindowTitle
SDL_CreateThread
SDL_PollEvent
SDL_GetDesktopDisplayMode
SDL_Delay
SDL_GetError
SDL_GetKeyboardState
SDL_SetPaletteColors
SDL_WasInit
SDL_InitSubSystem
SDL_QuitSubSystem
SDL_Quit
SDL_Init
SDL_RWFromFile
SDL_ConvertSurface
SDL_SetWindowFullscreen
SDL_CreateWindow
SDL_CreateRGBSurface
SDL_FreeSurface
SDL_RWseek
SDL_GL_SetSwapInterval
SDL_RWread
SDL_GL_SetAttribute
SDL_GetWindowID
SDL_RWclose
SDL_GetColorKey
SDL_RWFromConstMem
SDL_GL_MakeCurrent
SDL_GL_DeleteContext
SDL_GetWindowFromID
SDL_malloc
SDL_GL_SwapWindow
SDL_SetWindowSize
SDL_GetWindowSize
SDL_GetWindowFlags
SDL_GL_CreateContext

sdl2_ttf

TTF_OpenFont
TTF_CloseFont
TTF_Init

opengl32

glTexParameteri
glDeleteTextures
glTexImage2D
glDrawElements
glDisable
glPixelStorei
glGetIntegerv
glClear
glVertex3f
glDepthMask
glLoadMatrixf
glMatrixMode
glTexCoord2f
glGetTexLevelParameteriv
glReadPixels
glBegin
glClearColor
glDrawArrays
glColor4ub
glGetTexImage
glGetTexParameteriv
glColor4f
glDepthFunc
glTexSubImage2D
glGetString
glScissor
glEnable
glGenTextures
glBindTexture
glViewport
glEnd
glLineWidth
glBlendFunc

steam_api64

SteamInternal_SteamAPI_Init
SteamInternal_ContextInit
SteamAPI_RestartAppIfNecessary
SteamInternal_FindOrCreateUserInterface
SteamInternal_CreateInterface
SteamAPI_GetHSteamUser

discord_game_sdk

DiscordCreate

kernel32

WideCharToMultiByte
MultiByteToWideChar
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
Sleep
GetFileInformationByHandleEx
GetModuleHandleW
AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
GetLocaleInfoEx
SetConsoleTextAttribute
RtlCaptureContext
GetCurrentProcess
GetStdHandle
GetLastError
FreeConsole
LocalFree
FormatMessageA
SetUnhandledExceptionFilter
GetCommandLineW
lstrlenW
CreateMutexW
CloseHandle
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent

user32

MessageBoxA
MessageBoxW

shell32

CommandLineToArgvW

msvcp140

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xbad_alloc@std@@YAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
??Bid@locale@std@@QEAA_KXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?good@ios_base@std@@QEBA_NXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
_Query_perf_frequency
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
_Query_perf_counter
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
_Cnd_do_broadcast_at_thread_exit

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
memmove
memcpy
memcmp
memchr
_CxxThrowException
__C_specific_handler
strrchr
strstr
__std_terminate
__std_exception_copy
__std_exception_destroy
__current_exception_context
__current_exception

api-ms-win-crt-stdio-l1-1-0

setvbuf
__p__commode
_set_fmode
ungetc
_getcwd
fsetpos
__stdio_common_vsnprintf_s
fgetpos
fwrite
freopen_s
fread
fgetc
fclose
fflush
fputc
fopen
__stdio_common_vsscanf
_fseeki64
__stdio_common_vsprintf
__stdio_common_vfprintf
__acrt_iob_func
_get_stream_buffer_pointers

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-runtime-l1-1-0

_endthreadex
exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_initterm
_initterm_e
_exit
terminate
_c_exit
_register_thread_local_exe_atexit_callback
_beginthreadex
abort
_invalid_parameter_noinfo_noreturn
_get_wide_winmain_command_line

api-ms-win-crt-string-l1-1-0

strtok
strcpy_s
strncmp
strncpy
strcmp

api-ms-win-crt-heap-l1-1-0

malloc
calloc
_callnewh
_set_new_mode
realloc
free

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-math-l1-1-0

__setusermatherr
sqrtf
sinf
pow
floorf
ldexp
_dsign
cosf
atan2f

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func
localeconv

Exports

Exports

NvOptimusEnablement

Sections

.text
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

022b978e450d15dafac74c72ebf98145

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

glew32

sdl2

sdl2_ttf

opengl32

steam_api64

discord_game_sdk

kernel32

user32

shell32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 537KB - Virtual size: 536KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 3KB - Virtual size: 8KB

.pdata Size: 23KB - Virtual size: 23KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 580B

.text
Size: 537KB - Virtual size: 536KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 580B