63c6b050d48c9480b067da00b10826f0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

63c6b050d48c9480b067da00b10826f0_NeikiAnalytics
Size

32KB
MD5

63c6b050d48c9480b067da00b10826f0
SHA1

cbeeb64098d0a9a9b48a5c34b09646f680f46af1
SHA256

eeb987f1462160387c95802978b782f449f640e71ba660db93fb74747425e711
SHA512

4dbc6bd1ef91110cb5c145622b0f553ae2cccf4c7abddbef14b621cd8fdebbc4aa23a1b7f6293e1f132b192903e36f64371536c8617f14921bd0c24b17aaca7e
SSDEEP

768:esTH19N0TeRFCBBUy89Xg83SDWhxTsdwPjca0u7mu:b7N9FUqg6SDGxTsdwPjca0u7mu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63c6b050d48c9480b067da00b10826f0_NeikiAnalytics

Files

63c6b050d48c9480b067da00b10826f0_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

083f9a5403af1d50c9ffdb7a416a30ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\plcl\Projects\vcpkg\buildtrees\qt5-svg\x86-windows-rel\plugins\iconengines\qsvgicon.pdb

Imports

qt5svg

?render@QSvgRenderer@@QAEXPAVQPainter@@@Z
?load@QSvgRenderer@@QAE_NABVQByteArray@@@Z
?load@QSvgRenderer@@QAE_NABVQString@@@Z
?defaultSize@QSvgRenderer@@QBE?AVQSize@@XZ
?isValid@QSvgRenderer@@QBE_NXZ
??0QSvgRenderer@@QAE@ABVQString@@PAVQObject@@@Z
??1QSvgRenderer@@UAE@XZ
??0QSvgRenderer@@QAE@PAVQObject@@@Z

qt5gui

?staticMetaObject@QGuiApplication@@2UQMetaObject@@B
?iconName@QIconEngine@@UBE?AVQString@@XZ
?availableSizes@QIconEngine@@UBE?AV?$QList@VQSize@@@@W4Mode@QIcon@@W4State@4@@Z
?instance@QGuiApplicationPrivate@@SAPAV1@XZ
?insert@QPixmapCache@@SA_NABVQString@@ABVQPixmap@@@Z
?find@QPixmapCache@@SA_NABVQString@@PAVQPixmap@@@Z
?drawPixmap@QPainter@@QAEXABVQRect@@ABVQPixmap@@@Z
?end@QPainter@@QAE_NXZ
?device@QPainter@@QBEPAVQPaintDevice@@XZ
??1QPainter@@QAE@XZ
??0QPainter@@QAE@PAVQPaintDevice@@@Z
?virtual_hook@QIconEngine@@UAEXHPAX@Z
??1QIconEngine@@UAE@XZ
??0QIconEngine@@QAE@ABV0@@Z
??0QIconEngine@@QAE@XZ
??6@YAAAVQDataStream@@AAV0@ABVQPixmap@@@Z
??5@YAAAVQDataStream@@AAV0@AAVQPixmap@@@Z
?fromImage@QPixmap@@SA?AV1@ABVQImage@@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?size@QPixmap@@QBE?AVQSize@@XZ
?isNull@QPixmap@@QBE_NXZ
??4QPixmap@@QAEAAV0@$$QAV0@@Z
??1QImage@@UAE@XZ
??4QPixmap@@QAEAAV0@ABV0@@Z
??1QPixmap@@UAE@XZ
??0QPixmap@@QAE@ABV0@@Z
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
??0QPixmap@@QAE@XZ
?staticMetaObject@QIconEnginePlugin@@2UQMetaObject@@B
?qt_metacast@QIconEnginePlugin@@UAEPAXPBD@Z
?qt_metacall@QIconEnginePlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
??0QIconEnginePlugin@@QAE@PAVQObject@@@Z
??1QIconEnginePlugin@@UAE@XZ
?devicePixelRatioF@QPaintDevice@@QBENXZ
??0QImage@@QAE@ABVQSize@@W4Format@0@@Z
?fill@QImage@@QAEXI@Z

qt5core

?shared_null@QHashData@@2U1@B
?instance@QCoreApplication@@SAPAV1@XZ
?mimeTypeForFile@QMimeDatabase@@QBE?AVQMimeType@@ABVQFileInfo@@W4MatchMode@1@@Z
??1QMimeDatabase@@QAE@XZ
??0QMimeDatabase@@QAE@XZ
?name@QMimeType@@QBE?AVQString@@XZ
??1QMimeType@@QAE@XZ
?absoluteFilePath@QFileInfo@@QBE?AVQString@@XZ
??1QFileInfo@@QAE@XZ
??0QFileInfo@@QAE@ABVQString@@@Z
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QFile@@UAE@XZ
??0QFile@@QAE@ABVQString@@@Z
??6QDataStream@@QAEAAV0@H@Z
??5QDataStream@@QAEAAV0@AAH@Z
?resetStatus@QDataStream@@QAEXXZ
?setStatus@QDataStream@@QAEXW4Status@1@@Z
?status@QDataStream@@QBE?AW4Status@1@XZ
?atEnd@QDataStream@@QBE_NXZ
?isTransactionStarted@QIODevice@@QBE_NXZ
?isNull@QString@@QBE_NXZ
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
??0QSize@@QAE@XZ
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
??0QChar@@QAE@UQLatin1Char@@@Z
??0QByteArray@@QAE@XZ
??0QByteArray@@QAE@ABV0@@Z
??1QByteArray@@QAE@XZ
??4QByteArray@@QAEAAV0@ABV0@@Z
??4QByteArray@@QAEAAV0@$$QAV0@@Z
?constData@QByteArray@@QBEPBDXZ
?qUncompress@@YA?AVQByteArray@@PBEH@Z
??6@YAAAVQDataStream@@AAV0@ABVQByteArray@@@Z
??5@YAAAVQDataStream@@AAV0@AAVQByteArray@@@Z
?qCompress@@YA?AVQByteArray@@PBEHH@Z
??0QString@@QAE@XZ
??0QString@@QAE@VQLatin1String@@@Z
??0QString@@QAE@ABV0@@Z
??1QString@@QAE@XZ
??4QString@@QAEAAV0@ABV0@@Z
?endsWith@QString@@QBE_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?append@QString@@QAEAAV1@VQChar@@@Z
?append@QString@@QAEAAV1@ABV1@@Z
?number@QString@@SA?AV1@HH@Z
?number@QString@@SA?AV1@_JH@Z
??8QString@@QBE_NVQLatin1String@@@Z
??6@YAAAVQDataStream@@AAV0@ABVQString@@@Z
??5@YAAAVQDataStream@@AAV0@AAVQString@@@Z
?isNull@QSize@@QBE_NXZ
?isEmpty@QSize@@QBE_NXZ
?width@QSize@@QBEHXZ
?height@QSize@@QBEHXZ
?scale@QSize@@QAEXABV1@W4AspectRatioMode@Qt@@@Z
??XQSize@@QAEAAV0@N@Z
?cast@QMetaObject@@QBEPAVQObject@@PAV2@@Z
?size@QRect@@QBE?AVQSize@@XZ
?allocateNode@QHashData@@QAEPAXH@Z
?detach_helper@QHashData@@QAEPAU1@P6AXPAUNode@1@PAX@ZP6AX0@ZHH@Z
?rehash@QHashData@@QAEXH@Z
?free_helper@QHashData@@QAEXP6AXPAUNode@1@@Z@Z
?nextNode@QHashData@@SAPAUNode@1@PAU21@@Z
?previousNode@QHashData@@SAPAUNode@1@PAU21@@Z
??0QSharedData@@QAE@XZ
??0QSharedData@@QAE@ABV0@@Z
?readAll@QIODevice@@QAE?AVQByteArray@@XZ

vcruntime140

__std_exception_destroy
__CxxFrameHandler3
_CxxThrowException
__std_exception_copy
__std_terminate
memset
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_seh_filter_dll
_crt_atexit
_cexit
_initterm
_execute_onexit_table
_initterm_e
_initialize_narrow_environment

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CloseHandle
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

083f9a5403af1d50c9ffdb7a416a30ad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt5svg

qt5gui

qt5core

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 1KB

.qtmetad Size: 512B - Virtual size: 106B

.rsrc Size: 1024B - Virtual size: 840B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 106B

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 2KB - Virtual size: 1KB