25117790cca9937972bf8dfd044d0a40_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

25117790cca9937972bf8dfd044d0a40_NeikiAnalytics
Size

310KB
MD5

25117790cca9937972bf8dfd044d0a40
SHA1

f5825bd9618082d1b04f675fb289762fb586d051
SHA256

06b34237b51e8eb5ecb3c0918cc45c2e6b3f2d1a6d4e2430a42190b15cf91da6
SHA512

fb24e7b7f27593af1899241037e8e9cfcaaaa6b27aa0b2ec8be83f274167abe9fd4a3e63816299be91f34cc6ca889a665f582f6fc00a5cb43422354aa8929eec
SSDEEP

6144:ffsuyfAjmoRbT7gzJjrCcPXObarKbnQ0er3hbY4RLK:Muy+bT7g1n+bmKk0+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25117790cca9937972bf8dfd044d0a40_NeikiAnalytics

Files

25117790cca9937972bf8dfd044d0a40_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

7b9bcdce7e7a44868b2add852ac5ecd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libgcc_s_sjlj-1

_Unwind_SjLj_Register
_Unwind_SjLj_Resume
_Unwind_SjLj_Unregister
__udivdi3
__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_initterm
_iob
_lock
_onexit
_unlock
calloc
exit
fputc
free
getenv
localeconv
malloc
memcmp
memcpy
setlocale
signal
strchr
strerror
strlen
strncmp
abort
atoi
wcslen
_strdup

libstdc++-6

_ZNSs12_S_constructEjcRKSaIcE
_ZNSs4_Rep10_M_destroyERKSaIcE
_ZNSs4_Rep10_M_disposeERKSaIcE
_ZNSs6assignEPKcj
_ZNSs6assignERKSs
_ZNSs9_M_mutateEjjj
_ZNSsC1EPKcRKSaIcE
_ZNSsC1EPKcjRKSaIcE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdaPv
_ZdlPv
_Znaj
_Znwj
__cxa_demangle
__cxa_pure_virtual
__cxa_throw_bad_array_new_length
__dynamic_cast
__gxx_personality_sj0

libgobject-2.0-0

g_object_set
g_type_check_instance_cast

libgstapp-1.0-0

gst_app_src_end_of_stream
gst_app_src_get_type
gst_app_src_push_buffer
gst_app_src_set_callbacks
gst_app_src_set_caps
gst_app_src_set_size

libgstreamer-1.0-0

gst_bin_add
gst_bin_get_type
gst_buffer_map
gst_buffer_new_allocate
gst_buffer_unmap
gst_caps_new_simple
gst_element_factory_make
gst_element_get_type
gst_element_link_many
gst_element_set_state
gst_init
gst_mini_object_unref
gst_object_get_type
gst_object_unref
gst_pipeline_new

libprotobuf-8

InterlockedCompareExchange@12
_ZN6google8protobuf11MessageLite14ParseFromArrayEPKvi
_ZN6google8protobuf14DescriptorPool14generated_poolEv
_ZN6google8protobuf14DescriptorPool24InternalAddGeneratedFileEPKvi
_ZN6google8protobuf14MessageFactory17generated_factoryEv
_ZN6google8protobuf14MessageFactory29InternalRegisterGeneratedFileEPKcPFvRKSsE
_ZN6google8protobuf14MessageFactory32InternalRegisterGeneratedMessageEPKNS0_10DescriptorEPKNS0_7MessageE
_ZN6google8protobuf15UnknownFieldSet13ClearFallbackEv
_ZN6google8protobuf15UnknownFieldSet9AddVarintEiy
_ZN6google8protobuf15UnknownFieldSet9MergeFromERKS1_
_ZN6google8protobuf15UnknownFieldSetC1Ev
_ZN6google8protobuf15UnknownFieldSetD1Ev
_ZN6google8protobuf18GoogleOnceInitImplEPiPNS0_7ClosureE
_ZN6google8protobuf2io16CodedInputStream15ReadTagFallbackEv
_ZN6google8protobuf2io16CodedInputStream20ReadVarint32FallbackEPj
_ZN6google8protobuf2io16CodedInputStream20ReadVarint64FallbackEPy
_ZN6google8protobuf2io16CodedInputStream8PopLimitEi
_ZN6google8protobuf2io16CodedInputStream9PushLimitEi
_ZN6google8protobuf2io17CodedOutputStream12VarintSize64Ey
_ZN6google8protobuf2io17CodedOutputStream15WriteRawToArrayEPKviPh
_ZN6google8protobuf2io17CodedOutputStream20VarintSize32FallbackEj
_ZN6google8protobuf2io17CodedOutputStream20WriteVarint64ToArrayEyPh
_ZN6google8protobuf2io17CodedOutputStream28WriteVarint32FallbackToArrayEjPh
_ZN6google8protobuf7Message20DiscardUnknownFieldsEv
_ZN6google8protobuf7Message21CheckTypeAndMergeFromERKNS0_11MessageLiteE
_ZN6google8protobuf7MessageD2Ev
_ZN6google8protobuf8internal10LogMessageC1ENS0_8LogLevelEPKci
_ZN6google8protobuf8internal10LogMessageD1Ev
_ZN6google8protobuf8internal10LogMessagelsEPKc
_ZN6google8protobuf8internal10OnShutdownEPFvvE
_ZN6google8protobuf8internal10WireFormat22SerializeUnknownFieldsERKNS0_15UnknownFieldSetEPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal10WireFormat24ComputeUnknownFieldsSizeERKNS0_15UnknownFieldSetE
_ZN6google8protobuf8internal10WireFormat29SerializeUnknownFieldsToArrayERKNS0_15UnknownFieldSetEPh
_ZN6google8protobuf8internal10WireFormat9SkipFieldEPNS0_2io16CodedInputStreamEjPNS0_15UnknownFieldSetE
_ZN6google8protobuf8internal11LogFinisheraSERNS1_10LogMessageE
_ZN6google8protobuf8internal12kEmptyStringE
_ZN6google8protobuf8internal13ReflectionOps5MergeERKNS0_7MessageEPS3_
_ZN6google8protobuf8internal13VerifyVersionEiiPKc
_ZN6google8protobuf8internal14WireFormatLite10ReadStringEPNS0_2io16CodedInputStreamEPSs
_ZN6google8protobuf8internal14WireFormatLite10WriteBytesEiRKSsPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal14WireFormatLite10WriteInt32EiiPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal14WireFormatLite10WriteInt64EixPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal14WireFormatLite11WriteStringEiRKSsPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal14WireFormatLite24WriteMessageMaybeToArrayEiRKNS0_11MessageLiteEPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal14WireFormatLite9ReadBytesEPNS0_2io16CodedInputStreamEPSs
_ZN6google8protobuf8internal14WireFormatLite9WriteBoolEibPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal14WireFormatLite9WriteEnumEiiPNS0_2io17CodedOutputStreamE
_ZN6google8protobuf8internal16FunctionClosure0D1Ev
_ZN6google8protobuf8internal20RepeatedPtrFieldBase4SwapEPS2_
_ZN6google8protobuf8internal20RepeatedPtrFieldBase7ReserveEi
_ZN6google8protobuf8internal21StringTypeHandlerBase3NewEv
_ZN6google8protobuf8internal21StringTypeHandlerBase6DeleteEPSs
_ZN6google8protobuf8internal26GeneratedMessageReflectionC1EPKNS0_10DescriptorEPKNS0_7MessageEPKiiiiPKNS0_14DescriptorPoolEPNS0_14MessageFactoryEi
_ZNK6google8protobuf11MessageLite17SerializeAsStringEv
_ZNK6google8protobuf14DescriptorPool14FindFileByNameERKSs
_ZNK6google8protobuf2io16CodedInputStream15BytesUntilLimitEv
_ZNK6google8protobuf7Message11GetTypeNameEv
_ZNK6google8protobuf7Message25InitializationErrorStringEv
_ZNK6google8protobuf7Message9SpaceUsedEv
_ZTVN6google8protobuf8internal16FunctionClosure0E

libspotify

_sp_session_userdata@4
_sp_session_player_unload@4
_sp_session_process_events@8
_sp_session_preferred_bitrate@8
_sp_session_preferred_offline_bitrate@12
_sp_session_set_volume_normalization@8
_sp_session_starred_create@4
_sp_session_playlistcontainer@4
_sp_playlistcontainer_num_playlists@4
_sp_playlistcontainer_playlist_type@8
_sp_playlistcontainer_playlist@8
_sp_playlist_add_ref@4
_sp_session_inbox_create@4
_sp_playlist_set_offline_mode@12
_sp_link_create_from_string@4
_sp_link_as_track@4
_sp_track_add_ref@4
_sp_link_release@4
_sp_playlist_add_tracks@20
_sp_track_release@4
_sp_playlist_remove_tracks@12
_sp_playlist_num_tracks@4
_sp_track_album@4
_sp_track_is_starred@8
_sp_track_name@4
_sp_album_name@4
_sp_album_year@4
_sp_track_duration@4
_sp_track_popularity@4
_sp_track_disc@4
_sp_track_index@4
_sp_album_cover@8
_sp_track_num_artists@4
_sp_track_artist@8
_sp_artist_name@4
_sp_link_create_from_track@8
_sp_link_as_string@12
_sp_album_artist@4
_sp_link_create_from_album@4
_sp_albumbrowse_num_tracks@4
_sp_playlist_get_offline_status@8
_sp_playlist_get_offline_download_completed@8
_sp_session_player_play@8
_sp_toplistbrowse_create@24
_sp_search_create@52
_sp_session_release@4
_sp_search_error@4
_sp_error_message@4
_sp_search_release@4
_sp_search_num_tracks@4
_sp_search_track@8
_sp_albumbrowse_album@4
_sp_albumbrowse_track@8
_sp_albumbrowse_release@4
_sp_search_total_tracks@4
_sp_search_did_you_mean@4
_sp_search_num_albums@4
_sp_search_album@8
_sp_albumbrowse_create@16
_sp_playlistcontainer_add_callbacks@12
_sp_session_flush_caches@4
_sp_session_create@8
_sp_session_login@20
_sp_session_relogin@4
_sp_playlist_is_loaded@4
_sp_playlist_name@4
_sp_playlist_owner@4
_sp_session_user@4
_sp_user_display_name@4
_sp_link_create_from_playlist@4
_sp_playlist_add_callbacks@12
_sp_playlist_remove_callbacks@12
_sp_track_is_loaded@4
_sp_playlist_release@4
_sp_playlist_track@8
_sp_session_player_load@8
_sp_link_as_album@4
_sp_image_is_loaded@4
_sp_image_release@4
_sp_image_data@8
_sp_image_create@8
_sp_image_add_load_callback@12
_sp_toplistbrowse_num_tracks@4
_sp_toplistbrowse_track@8
_sp_toplistbrowse_release@4

qtnetwork4

_ZN10QTcpSocketC1EP7QObject
_ZN12QHostAddressC1ENS_14SpecialAddressE
_ZN12QHostAddressD1Ev
_ZN12QLocalSocket16staticMetaObjectE
_ZN12QLocalSocket5flushEv
_ZN15QAbstractSocket13connectToHostERK12QHostAddresst6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN15QAbstractSocket16staticMetaObjectE
_ZN15QAbstractSocket5flushEv

qtcore4

_Z17qt_message_output9QtMsgTypePKc
_Z18qInstallMsgHandlerPFv9QtMsgTypePKcE
_Z5qFreePv
_Z6qFatalPKcz
_ZN10QByteArray10fromBase64ERKS_
_ZN10QByteArray11shared_nullE
_ZN10QByteArray7reallocEi
_ZN10QByteArrayC1EPKc
_ZN10QByteArrayC1EPKci
_ZN10QByteArrayaSERKS_
_ZN10QSemaphore7acquireEi
_ZN10QSemaphore7releaseEi
_ZN10QSemaphoreC1Ei
_ZN10QSemaphoreD1Ev
_ZN11QDataStream12writeRawDataEPKci
_ZN11QDataStreamC1EP9QIODevice
_ZN11QDataStreamD1Ev
_ZN11QDataStreamlsEi
_ZN11QDataStreamrsERi
_ZN11QMetaObject12invokeMethodEP7QObjectPKcN2Qt14ConnectionTypeE22QGenericReturnArgument16QGenericArgumentS7_S7_S7_S7_S7_S7_S7_S7_S7_
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN11QTextStreamC1EP7QString6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN11QTextStreamC1EP9QIODevice
_ZN11QTextStreamD1Ev
_ZN11QTextStreamlsERK7QString
_ZN11QTextStreamlsEc
_ZN16QCoreApplication15applicationNameEv
_ZN16QCoreApplication18setApplicationNameERK7QString
_ZN16QCoreApplication19setOrganizationNameERK7QString
_ZN16QCoreApplication21setOrganizationDomainERK7QString
_ZN16QCoreApplication4execEv
_ZN16QCoreApplication4exitEi
_ZN16QCoreApplication4selfE
_ZN16QCoreApplication9argumentsEv
_ZN16QCoreApplicationC1ERiPPci
_ZN16QCoreApplicationD1Ev
_ZN4QDir8homePathEv
_ZN4QDirC1ERK7QString
_ZN4QDirD1Ev
_ZN5QCharC1Ec
_ZN6QTimer5startEi
_ZN6QTimerC1EP7QObject
_ZN7QBuffer4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN7QBuffer5closeEv
_ZN7QBuffer7setDataERK10QByteArray
_ZN7QBufferC1EP7QObject
_ZN7QBufferD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject13connectNotifyEPKc
_ZN7QObject16disconnectNotifyEPKc
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QRegExp3capEi
_ZN7QRegExpC1ERK7QStringN2Qt15CaseSensitivityENS_13PatternSyntaxE
_ZN7QRegExpD1Ev
_ZN7QString11shared_nullE
_ZN7QString13fromLocal8BitEPKci
_ZN7QString16codecForCStringsE
_ZN7QString16fromAscii_helperEPKci
_ZN7QString4freeEPNS_4DataE
_ZN7QString6appendERKS_
_ZN7QString6numberEii
_ZN7QString8fromUtf8EPKci
_ZN7QString9fromAsciiEPKci
_ZN7QStringaSERKS_
_ZN8QMapData10createDataEi
_ZN8QMapData11node_createEPPNS_4NodeEii
_ZN8QMapData11node_deleteEPPNS_4NodeEiS1_
_ZN8QMapData11shared_nullE
_ZN8QMapData16continueFreeDataEi
_ZN9QDateTime15currentDateTimeEv
_ZN9QDateTimeD1Ev
_ZN9QIODevice11qt_metacallEN11QMetaObject4CallEiPPv
_ZN9QIODevice11qt_metacastEPKc
_ZN9QIODevice12readLineDataEPcx
_ZN9QIODevice16waitForReadyReadEi
_ZN9QIODevice19waitForBytesWrittenEi
_ZN9QIODevice4openE6QFlagsINS_12OpenModeFlagEE
_ZN9QIODevice4readEx
_ZN9QIODevice4seekEx
_ZN9QIODevice5closeEv
_ZN9QIODevice5resetEv
_ZN9QIODevice5writeEPKcx
_ZN9QIODeviceC2Ev
_ZN9QIODeviceD2Ev
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData6detachEi
_ZN9QListData6removeEi
_ZNK10QByteArray8toBase64Ev
_ZNK11QMetaObject4castEP7QObject
_ZNK4QDir6mkpathERK7QString
_ZNK7QBuffer4dataEv
_ZNK7QBuffer4sizeEv
_ZNK7QString11lastIndexOfE5QChariN2Qt15CaseSensitivityE
_ZNK7QString11lastIndexOfERKS_iN2Qt15CaseSensitivityE
_ZNK7QString11toLocal8BitEv
_ZNK7QString13leftJustifiedEi5QCharb
_ZNK7QString3midEii
_ZNK7QString4leftEi
_ZNK7QString5splitERK5QCharNS_13SplitBehaviorEN2Qt15CaseSensitivityE
_ZNK7QString5toIntEPbi
_ZNK7QString6toUtf8Ev
_ZNK7QString7indexOfE5QChariN2Qt15CaseSensitivityE
_ZNK7QString7indexOfER7QRegExpi
_ZNK7QString7toAsciiEv
_ZNK7QStringeqERK13QLatin1String
_ZNK7QStringeqERKS_
_ZNK7QStringltERKS_
_ZNK9QDateTime8toStringERK7QString
_ZNK9QIODevice10metaObjectEv
_ZNK9QIODevice11canReadLineEv
_ZNK9QIODevice12bytesToWriteEv
_ZNK9QIODevice12isSequentialEv
_ZNK9QIODevice14bytesAvailableEv
_ZNK9QIODevice3posEv
_ZNK9QIODevice4sizeEv
_ZNK9QIODevice5atEndEv

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b9bcdce7e7a44868b2add852ac5ecd9

Headers

File Characteristics

Imports

libgcc_s_sjlj-1

kernel32

msvcrt

libstdc++-6

libgobject-2.0-0

libgstapp-1.0-0

libgstreamer-1.0-0

libprotobuf-8

libspotify

qtnetwork4

qtcore4

Sections

.text Size: 267KB - Virtual size: 267KB

.data Size: 512B - Virtual size: 88B

.rdata Size: 22KB - Virtual size: 22KB

.bss Size: - Virtual size: 3KB

.idata Size: 18KB - Virtual size: 17KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.text
Size: 267KB - Virtual size: 267KB

.data
Size: 512B - Virtual size: 88B

.rdata
Size: 22KB - Virtual size: 22KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 18KB - Virtual size: 17KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B