a2c1c07f15dd2bdf9a05d8287678ce50_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

a2c1c07f15dd2bdf9a05d8287678ce50_NeikiAnalytics
Size

36KB
MD5

a2c1c07f15dd2bdf9a05d8287678ce50
SHA1

ef601d2fb123927b69b7ba6abe95de006ea7a2f0
SHA256

ee7eeffea9b8f598cfcbf602340285aed4d76a1f9e2e0ab10a634729f996b471
SHA512

b483d9b57dad97f903c0e56f3c07e726818754784059fc486c64a8e7865bd014c76a8eff4b73a293288eea34ee969876d9d22acd6c20decc6e97b3871482beaf
SSDEEP

768:j8Jco48JT/T6uB232aPGG0LMWtZHeP5tukZ1bsrD+Qokf1e8vWzMOTPno9GQeh6L:Sco48JT1GZUphkZ1bM6vMOTPno9GQekL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2c1c07f15dd2bdf9a05d8287678ce50_NeikiAnalytics

Files

a2c1c07f15dd2bdf9a05d8287678ce50_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

3559d9733cd6d52779a0710d300189b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\plcl\Projects\vcpkg\buildtrees\qt5-base\x86-windows-rel\plugins\imageformats\qjpeg.pdb

Imports

qt5gui

?nextImageDelay@QImageIOHandler@@UBEHXZ
?name@QImageIOHandler@@UBE?AVQByteArray@@XZ
?loopCount@QImageIOHandler@@UBEHXZ
?jumpToNextImage@QImageIOHandler@@UAE_NXZ
?jumpToImage@QImageIOHandler@@UAE_NH@Z
?imageCount@QImageIOHandler@@UBEHXZ
?currentImageRect@QImageIOHandler@@UBE?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UBEHXZ
?qt_imageTransform@@YAXAAVQImage@@V?$QFlags@W4Transformation@QImageIOHandler@@@@@Z
?qt_convert_rgb888_to_rgb32_ssse3@@YIXPAIPBEH@Z
?qt_convert_rgb888_to_rgb32@@YIXPAIPBEH@Z
?qt_getImageText@@YA?AV?$QMap@VQString@@V1@@@ABVQImage@@ABVQString@@@Z
?iccProfile@QColorSpace@@QBE?AVQByteArray@@XZ
?fromIccProfile@QColorSpace@@SA?AV1@ABVQByteArray@@@Z
??1QColorSpace@@QAE@XZ
?convertToFormat_inplace@QImage@@IAE_NW4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?convertToFormat_helper@QImage@@IBE?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?setText@QImage@@QAEXABVQString@@0@Z
?setDotsPerMeterY@QImage@@QAEXH@Z
?setDotsPerMeterX@QImage@@QAEXH@Z
?dotsPerMeterY@QImage@@QBEHXZ
?dotsPerMeterX@QImage@@QBEHXZ
?setColorSpace@QImage@@QAEXABVQColorSpace@@@Z
?colorSpace@QImage@@QBE?AVQColorSpace@@XZ
?scaled@QImage@@QBE?AV1@ABVQSize@@W4AspectRatioMode@Qt@@W4TransformationMode@4@@Z
?colorTable@QImage@@QBE?AV?$QVector@I@@XZ
?constScanLine@QImage@@QBEPBEH@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?setDevice@QImageIOHandler@@QAEXPAVQIODevice@@@Z
?setFormat@QImageIOHandler@@QAEXABVQByteArray@@@Z
?qt_metacast@QImageIOPlugin@@UAEPAXPBD@Z
?qt_metacall@QImageIOPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
??0QImageIOPlugin@@QAE@PAVQObject@@@Z
??1QImageIOPlugin@@UAE@XZ
??0QImageIOHandler@@QAE@XZ
??1QImageIOHandler@@UAE@XZ
?device@QImageIOHandler@@QBEPAVQIODevice@@XZ
?setFormat@QImageIOHandler@@QBEXABVQByteArray@@@Z
??0QImage@@QAE@ABVQSize@@W4Format@0@@Z
??0QImage@@QAE@ABV0@@Z
??0QImage@@QAE@$$QAV0@@Z
??1QImage@@UAE@XZ
??4QImage@@QAEAAV0@$$QAV0@@Z
?isNull@QImage@@QBE_NXZ
?copy@QImage@@QBE?AV1@ABVQRect@@@Z
?copy@QImage@@QBE?AV1@HHHH@Z
?format@QImage@@QBE?AW4Format@1@XZ
?width@QImage@@QBEHXZ
?height@QImage@@QBEHXZ
?size@QImage@@QBE?AVQSize@@XZ
?colorCount@QImage@@QBEHXZ
?scanLine@QImage@@QAEPAEH@Z

qt5core

?qt_cpu_features@@3PAV?$QBasicAtomicInteger@_K@@A
?staticMetaObject@QBuffer@@2UQMetaObject@@B
?shared_null@QListData@@2UData@1@B
?qDetectCpuFeatures@@YA_KXZ
?data@QBuffer@@QBEABVQByteArray@@XZ
?readRawData@QDataStream@@QAEHPADH@Z
??5QDataStream@@QAEAAV0@AAH@Z
??5QDataStream@@QAEAAV0@AAF@Z
?setByteOrder@QDataStream@@QAEXW4ByteOrder@1@@Z
?status@QDataStream@@QBE?AW4Status@1@XZ
??1QDataStream@@QAE@XZ
??0QDataStream@@QAE@PAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?intersected@QRect@@QBE?AV1@ABV1@@Z
?height@QRect@@QBEHXZ
?width@QRect@@QBEHXZ
?size@QRect@@QBE?AVQSize@@XZ
?translate@QRect@@QAEXABVQPoint@@@Z
?topLeft@QRect@@QBE?AVQPoint@@XZ
?y@QRect@@QBEHXZ
?x@QRect@@QBEHXZ
?bottom@QRect@@QBEHXZ
?right@QRect@@QBEHXZ
?isEmpty@QRect@@QBE_NXZ
??0QRect@@QAE@HHHH@Z
??0QRect@@QAE@XZ
?height@QSize@@QBEHXZ
?width@QSize@@QBEHXZ
?isValid@QSize@@QBE_NXZ
?qstrcmp@@YAHABVQByteArray@@PBD@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?isOpen@QIODevice@@QBE_NXZ
?isReadable@QIODevice@@QBE_NXZ
?isWritable@QIODevice@@QBE_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
??0QMessageLogger@@QAE@PBDH0@Z
?warning@QMessageLogger@@QBAXPBDZZ
?cast@QMetaObject@@QBEPAVQObject@@PAV2@@Z
??0QChar@@QAE@UQLatin1Char@@@Z
?deallocate@QArrayData@@SAXPAU1@II@Z
??0QByteArray@@QAE@XZ
??0QByteArray@@QAE@PBDH@Z
??0QByteArray@@QAE@HD@Z
??0QByteArray@@QAE@ABV0@@Z
??1QByteArray@@QAE@XZ
?constData@QByteArray@@QBEPBDXZ
?mid@QByteArray@@QBE?AV1@HH@Z
?truncate@QByteArray@@QAEXH@Z
?append@QByteArray@@QAEAAV1@PBD@Z
?append@QByteArray@@QAEAAV1@PBDH@Z
?append@QByteArray@@QAEAAV1@ABV1@@Z
??0QString@@QAE@XZ
??0QString@@QAE@VQLatin1String@@@Z
??0QString@@QAE@ABV0@@Z
??1QString@@QAE@XZ
??4QString@@QAEAAV0@ABV0@@Z
??4QString@@QAEAAV0@VQLatin1String@@@Z
??4QString@@QAEAAV0@$$QAV0@@Z
?indexOf@QString@@QBEHVQChar@@HW4CaseSensitivity@Qt@@@Z
?indexOf@QString@@QBEHVQLatin1String@@HW4CaseSensitivity@Qt@@@Z
?left@QString@@QBE?AV1@H@Z
?mid@QString@@QBE?AV1@HH@Z
?simplified@QString@@QGBE?AV1@XZ
?append@QString@@QAEAAV1@ABV1@@Z
?append@QString@@QAEAAV1@VQLatin1String@@@Z
?toUtf8@QString@@QGBE?AVQByteArray@@XZ
?fromUtf8@QString@@SA?AV1@PBDH@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?dispose@QListData@@SAXPAUData@1@@Z
?append@QListData@@QAEPAPAXXZ
?size@QListData@@QBEHXZ
?at@QListData@@QBEPAPAXH@Z
?begin@QListData@@QBEPAPAXXZ
?end@QListData@@QBEPAPAXXZ
?read@QIODevice@@QAE_JPAD_J@Z
?write@QIODevice@@QAE_JPBD_J@Z
?peek@QIODevice@@QAE_JPAD_J@Z
?nextNode@QMapNodeBase@@QBEPBU1@XZ
?freeTree@QMapDataBase@@QAEXPAUQMapNodeBase@@H@Z
?freeData@QMapDataBase@@SAXPAU1@@Z
??0QVariant@@QAE@XZ
??1QVariant@@QAE@XZ
??0QVariant@@QAE@ABV0@@Z
??0QVariant@@QAE@H@Z
??0QVariant@@QAE@_N@Z
??0QVariant@@QAE@ABVQString@@@Z
??0QVariant@@QAE@ABVQSize@@@Z
??0QVariant@@QAE@ABVQRect@@@Z
??4QVariant@@QAEAAV0@$$QAV0@@Z
?toInt@QVariant@@QBEHPA_N@Z
?toBool@QVariant@@QBE_NXZ
?toString@QVariant@@QBE?AVQString@@XZ
?toRect@QVariant@@QBE?AVQRect@@XZ
?toSize@QVariant@@QBE?AVQSize@@XZ
??0QSize@@QAE@XZ
??0QSize@@QAE@HH@Z
?isEmpty@QSize@@QBE_NXZ

jpeg62

ord98
ord79
ord38
ord50
ord77
ord87
ord75
ord96
ord49
ord78
ord86
ord85
ord84
ord81
ord44
ord43
ord31
ord30
ord89

vcruntime140

_setjmp3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
_except_handler4_common
__std_type_info_destroy_list
__std_terminate
__CxxFrameHandler3
longjmp
__CxxLongjmpUnwind
memcpy

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_cexit
_register_onexit_function
_initterm_e
_crt_atexit
_execute_onexit_table
_initialize_onexit_table
_seh_filter_dll
_initialize_narrow_environment
_configure_narrow_argv
_initterm

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CloseHandle
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3559d9733cd6d52779a0710d300189b1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt5gui

qt5core

jpeg62

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.qtmetad Size: 512B - Virtual size: 133B

.rsrc Size: 1024B - Virtual size: 832B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 133B

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 2KB - Virtual size: 1KB