bdb0b335679d1e884f32d3d74d3f84a0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

bdb0b335679d1e884f32d3d74d3f84a0_NeikiAnalytics
Size

581KB
MD5

bdb0b335679d1e884f32d3d74d3f84a0
SHA1

5cffd24d0dba580be02869273f8a0bb9baeacc9e
SHA256

b9768dc84db33ee011fca3e628fd1907550dc8982bfeebb2fdb2fab4fa3ecd8b
SHA512

a8d540a2683237065f65009bfc48ffccc44d91071398dee09df799e95381fc1f8e78923d6e5281081c0d4a4f18b75bbee03fd87cc353c0bd48508bd20cd3fdca
SSDEEP

12288:DP+vonTzU7YjSRxcw0QxF9EdjkPgHhmeLGuEy:7FTiY2Rew0QxTEdjkEhmeLGuEy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdb0b335679d1e884f32d3d74d3f84a0_NeikiAnalytics

Files

bdb0b335679d1e884f32d3d74d3f84a0_NeikiAnalytics
.exe windows:4 windows x64 arch:x64

1cde927f5a349ab767e377d6bc9e855b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libglib-2.0-0

g_ascii_toupper
g_assertion_message_expr
g_clear_error
g_file_test
g_free
g_get_prgname
g_getenv
g_list_copy
g_list_foreach
g_list_free
g_list_sort
g_log_writer_supports_color
g_malloc0
g_option_context_add_group
g_option_context_add_main_entries
g_option_context_free
g_option_context_new
g_option_context_parse_strv
g_print
g_printerr
g_qsort_with_data
g_quark_to_string
g_return_if_fail_warning
g_set_prgname
g_setenv
g_slist_append
g_slist_foreach
g_slist_free
g_str_has_suffix
g_strcmp0
g_strdup
g_strdup_printf
g_strfreev
g_string_append
g_string_assign
g_string_free
g_string_insert_c
g_string_new
g_strsplit
g_strv_contains
g_strv_length
g_win32_get_command_line

libgobject-2.0-0

g_object_class_list_properties
g_object_get_property
g_object_new
g_param_spec_get_blurb
g_param_spec_get_name
g_param_spec_types
g_param_value_set_default
g_signal_list_ids
g_signal_lookup
g_signal_query
g_strv_get_type
g_type_check_instance_is_a
g_type_class_ref
g_type_class_unref
g_type_fundamental
g_type_interfaces
g_type_name
g_type_parent
g_value_array_get_type
g_value_get_boolean
g_value_get_double
g_value_get_enum
g_value_get_flags
g_value_get_float
g_value_get_int
g_value_get_int64
g_value_get_long
g_value_get_string
g_value_get_uint
g_value_get_uint64
g_value_get_ulong
g_value_init
g_value_reset

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_textdomain

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
__C_specific_handler

ucrtbase

_set_app_type
__acrt_iob_func
__daylight
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__environ
__p__fmode
__p__wenviron
__setusermatherr
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vswprintf
__timezone
__tzname
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_fileno
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_isatty
_set_invalid_parameter_handler
_tzset
abort
calloc
exit
free
fwrite
malloc
memcpy
memset
setlocale
signal
strlen
strncmp
strstr
strchr
strcmp
__initialize_lconv_for_unsigned_char

libgstreamer-1.0-0

GST_CAT_DEFAULT
_gst_caps_features_memory_system_memory
_gst_caps_type
_gst_debug_min
_gst_structure_type
_gst_value_array_type
gst_bin_get_type
gst_caps_features_is_any
gst_caps_features_is_equal
gst_caps_features_to_string
gst_caps_get_features
gst_caps_get_size
gst_caps_get_structure
gst_caps_is_any
gst_caps_is_empty
gst_caps_to_string
gst_debug_log
gst_device_provider_factory_get_metadata
gst_device_provider_factory_get_type
gst_element_class_get_pad_template
gst_element_factory_create
gst_element_factory_get_metadata
gst_element_factory_get_metadata_keys
gst_element_factory_get_num_pad_templates
gst_element_factory_get_skip_documentation
gst_element_factory_get_static_pad_templates
gst_element_factory_get_type
gst_element_factory_get_uri_protocols
gst_element_factory_get_uri_type
gst_element_get_type
gst_info_strdup_vprintf
gst_init_get_option_group
gst_mini_object_make_writable
gst_mini_object_unref
gst_object_get_name
gst_object_get_type
gst_object_unref
gst_pad_get_direction
gst_pad_get_type
gst_param_spec_fraction_get_type
gst_plugin_feature_check_version
gst_plugin_feature_get_plugin
gst_plugin_feature_get_rank
gst_plugin_feature_list_free
gst_plugin_feature_load
gst_plugin_get_description
gst_plugin_get_filename
gst_plugin_get_license
gst_plugin_get_name
gst_plugin_get_origin
gst_plugin_get_package
gst_plugin_get_release_date_string
gst_plugin_get_source
gst_plugin_get_status_errors
gst_plugin_get_status_infos
gst_plugin_get_status_warnings
gst_plugin_get_version
gst_plugin_list_free
gst_plugin_load_file
gst_preset_get_meta
gst_preset_get_preset_names
gst_preset_get_type
gst_registry_find_feature
gst_registry_find_plugin
gst_registry_get
gst_registry_get_feature_list
gst_registry_get_feature_list_by_plugin
gst_registry_get_plugin_list
gst_registry_lookup_feature
gst_static_caps_get
gst_static_pad_template_get_caps
gst_structure_foreach
gst_structure_get_name
gst_structure_remove_field
gst_structure_to_string
gst_tracer_factory_get_type
gst_type_find_factory_get_caps
gst_type_find_factory_get_extensions
gst_type_find_factory_get_type
gst_uri_handler_get_protocols
gst_uri_handler_get_type
gst_uri_handler_get_uri_type
gst_value_get_caps
gst_value_get_fraction_denominator
gst_value_get_fraction_numerator
gst_value_get_structure
gst_value_serialize
gst_version_string

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cde927f5a349ab767e377d6bc9e855b

Headers

File Characteristics

Imports

libglib-2.0-0

libgobject-2.0-0

libintl-8

kernel32

ucrtbase

libgstreamer-1.0-0

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 512B - Virtual size: 432B

.rdata Size: 9KB - Virtual size: 9KB

.pdata Size: 1024B - Virtual size: 984B

.xdata Size: 1024B - Virtual size: 932B

.bss Size: - Virtual size: 2KB

.idata Size: 10KB - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

/4 Size: 1KB - Virtual size: 1KB

/19 Size: 338KB - Virtual size: 338KB

/31 Size: 13KB - Virtual size: 12KB

/45 Size: 27KB - Virtual size: 26KB

/57 Size: 5KB - Virtual size: 4KB

/70 Size: 6KB - Virtual size: 6KB

/81 Size: 52KB - Virtual size: 52KB

/92 Size: 9KB - Virtual size: 9KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 512B - Virtual size: 432B

.rdata
Size: 9KB - Virtual size: 9KB

.pdata
Size: 1024B - Virtual size: 984B

.xdata
Size: 1024B - Virtual size: 932B

.bss
Size: - Virtual size: 2KB

.idata
Size: 10KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 338KB - Virtual size: 338KB

/31
Size: 13KB - Virtual size: 12KB

/45
Size: 27KB - Virtual size: 26KB

/57
Size: 5KB - Virtual size: 4KB

/70
Size: 6KB - Virtual size: 6KB

/81
Size: 52KB - Virtual size: 52KB

/92
Size: 9KB - Virtual size: 9KB