28b11b961dc3fb40246e865f5bc79c40_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

28b11b961dc3fb40246e865f5bc79c40_NeikiAnalytics
Size

62KB
MD5

28b11b961dc3fb40246e865f5bc79c40
SHA1

04eaf6ee7c0d8c4a8322bd79aeb8a8969364fa71
SHA256

be585deaff0d01e32f7d3fc66c87bdf3e5a1bbc09e32be7d17fa168965d2604e
SHA512

71714f9fd86019d0a310d0de42679e497c50d2dce8ae1c519b6e5afb9ad184c165cc73d2dbf3a24c428dfc8b8f7d1e8cbb4e4bf6e1a5c58646b24efb488b3358
SSDEEP

1536:rDGS0GJwcD6QEwwpQowQwkmEKHJeJspjIj71q:rqjGJw1KYJspjw71

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28b11b961dc3fb40246e865f5bc79c40_NeikiAnalytics

Files

28b11b961dc3fb40246e865f5bc79c40_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

b0401a50b4a3844d1e2126332593d20f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

qt6quick3d

?subsetCount@QQuick3DGeometry@@QEBAHXZ
?subsetBoundsMin@QQuick3DGeometry@@QEBA?AVQVector3D@@H@Z
?subsetBoundsMax@QQuick3DGeometry@@QEBA?AVQVector3D@@H@Z
?subsetOffset@QQuick3DGeometry@@QEBAHH@Z
?subsetCount@QQuick3DGeometry@@QEBAHH@Z
?subsetName@QQuick3DGeometry@@QEBA?AVQString@@H@Z
?addSubset@QQuick3DGeometry@@QEAAXHHAEBVQVector3D@@0AEBVQString@@@Z
?targetData@QQuick3DGeometry@@QEBA?AVQByteArray@@XZ
?addAttribute@QQuick3DGeometry@@QEAAXW4Semantic@Attribute@1@HW4ComponentType@31@@Z
?setTargetData@QQuick3DGeometry@@QEAAXHAEBVQByteArray@@@Z
?targetAttribute@QQuick3DGeometry@@QEBA?AUTargetAttribute@1@H@Z
?targetAttributeCount@QQuick3DGeometry@@QEBAHXZ
?addTargetAttribute@QQuick3DGeometry@@QEAAXIW4Semantic@Attribute@1@HH@Z
?addTargetAttribute@QQuick3DGeometry@@QEAAXAEBUTargetAttribute@1@@Z
?clear@QQuick3DGeometry@@QEAAXXZ
?idealSurfaceFormat@QQuick3D@@SA?AVQSurfaceFormat@@H@Z
?setPrimitiveType@QQuick3DGeometry@@QEAAXW4PrimitiveType@1@@Z
?setBounds@QQuick3DGeometry@@QEAAXAEBVQVector3D@@0@Z
?setStride@QQuick3DGeometry@@QEAAXH@Z
?setIndexData@QQuick3DGeometry@@QEAAXHAEBVQByteArray@@@Z
?setIndexData@QQuick3DGeometry@@QEAAXAEBVQByteArray@@@Z
?setVertexData@QQuick3DGeometry@@QEAAXHAEBVQByteArray@@@Z
?setVertexData@QQuick3DGeometry@@QEAAXAEBVQByteArray@@@Z
?stride@QQuick3DGeometry@@QEBAHXZ
?boundsMax@QQuick3DGeometry@@QEBA?AVQVector3D@@XZ
?boundsMin@QQuick3DGeometry@@QEBA?AVQVector3D@@XZ
?primitiveType@QQuick3DGeometry@@QEBA?AW4PrimitiveType@1@XZ
?attribute@QQuick3DGeometry@@QEBA?AUAttribute@1@H@Z
?attributeCount@QQuick3DGeometry@@QEBAHXZ
?indexData@QQuick3DGeometry@@QEBA?AVQByteArray@@XZ
?vertexData@QQuick3DGeometry@@QEBA?AVQByteArray@@XZ
??1QQuick3DGeometry@@UEAA@XZ
?staticMetaObject@QQuick3DTextureData@@2UQMetaObject@@B
??0QQuick3DGeometry@@QEAA@PEAVQQuick3DObject@@@Z
?setParentItem@QQuick3DObject@@QEAAXPEAV1@@Z
?parentItem@QQuick3DObject@@QEBAPEAV1@XZ
?setState@QQuick3DObject@@QEAAXAEBVQString@@@Z
?state@QQuick3DObject@@QEBA?AVQString@@XZ
?staticMetaObject@QQuick3DGeometry@@2UQMetaObject@@B
?markAllDirty@QQuick3DGeometry@@MEAAXXZ
?updateSpatialNode@QQuick3DGeometry@@MEAAPEAVQSSGRenderGraphObject@@PEAV2@@Z
?qt_metacall@QQuick3DGeometry@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QQuick3DGeometry@@UEAAPEAXPEBD@Z
?metaObject@QQuick3DGeometry@@UEBAPEBUQMetaObject@@XZ
?staticMetaObject@QQuick3DObject@@2UQMetaObject@@B
?setHasTransparency@QQuick3DTextureData@@QEAAX_N@Z
?hasTransparency@QQuick3DTextureData@@QEBA_NXZ
?setFormat@QQuick3DTextureData@@QEAAXW4Format@1@@Z
?format@QQuick3DTextureData@@QEBA?AW4Format@1@XZ
?setDepth@QQuick3DTextureData@@QEAAXH@Z
?depth@QQuick3DTextureData@@QEBAHXZ
?setSize@QQuick3DTextureData@@QEAAXAEBVQSize@@@Z
?addAttribute@QQuick3DGeometry@@QEAAXAEBUAttribute@1@@Z
?size@QQuick3DTextureData@@QEBA?AVQSize@@XZ
?setTextureData@QQuick3DTextureData@@QEAAXAEBVQByteArray@@@Z
?textureData@QQuick3DTextureData@@QEBA?BVQByteArray@@XZ
??1QQuick3DTextureData@@UEAA@XZ
??0QQuick3DTextureData@@QEAA@PEAVQQuick3DObject@@@Z
?preSync@QQuick3DObject@@MEAAXXZ
?componentComplete@QQuick3DObject@@MEAAXXZ
?classBegin@QQuick3DObject@@MEAAXXZ
?itemChange@QQuick3DObject@@MEAAXW4ItemChange@1@AEBTItemChangeData@1@@Z
?markAllDirty@QQuick3DTextureData@@MEAAXXZ
?updateSpatialNode@QQuick3DTextureData@@MEAAPEAVQSSGRenderGraphObject@@PEAV2@@Z
?qt_metacall@QQuick3DTextureData@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QQuick3DTextureData@@UEAAPEAXPEBD@Z
?metaObject@QQuick3DTextureData@@UEBAPEBUQMetaObject@@XZ
?setTargetData@QQuick3DGeometry@@QEAAXAEBVQByteArray@@@Z

qt6core

??0QString@@QEAA@XZ
?qt_QMetaEnum_debugOperator@@YA?AVQDebug@@AEAV1@_JPEBUQMetaObject@@PEBD@Z
??6QDebug@@QEAAAEAV0@H@Z
??1QDebug@@QEAA@XZ
?currentThread@QThread@@SAPEAV1@XZ
?isSignalConnected@QObject@@IEBA_NAEBVQMetaMethod@@@Z
?receivers@QObject@@IEBAHPEBD@Z
?senderSignalIndex@QObject@@IEBAHXZ
?sender@QObject@@IEBAPEAV1@XZ
??1QString@@QEAA@XZ
?inherits@QObject@@QEBA_NPEBD@Z
?thread@QObject@@QEBAPEAVQThread@@XZ
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?id@QMetaType@@QEBAHH@Z
?registerNormalizedTypedef@QMetaType@@SAXAEBVQByteArray@@V1@@Z
?className@QMetaObject@@QEBAPEBDXZ
??6QDataStream@@QEAAAEAV0@H@Z
??5QDataStream@@QEAAAEAV0@AEAH@Z
?size@QByteArray@@QEBA_JXZ
?append@QByteArray@@QEAAAEAV1@PEBD@Z
?constData@QByteArray@@QEBAPEBDXZ
?data@QByteArray@@QEBAPEBDXZ
?reserve@QByteArray@@QEAAX_J@Z
??1QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@XZ
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?deleteLater@QObject@@QEAAXXZ
?isNull@QByteArray@@QEBA_NXZ

python3

_Py_NoneStruct
PyType_IsSubtype
_Py_Dealloc
PyLong_FromLong
PyLong_FromUnsignedLong
PyBool_FromLong
PyDict_GetItemString
PyModule_GetDict
PyCapsule_GetPointer
PyErr_SetString
PyErr_Occurred
Py_FatalError
PyGILState_Ensure
PyGILState_Release
PyModule_Create2
PyEval_RestoreThread
PyExc_AttributeError
PyCapsule_Type
PyImport_ImportModule
PyEval_SaveThread

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent

vcruntime140

__std_exception_destroy
__C_specific_handler
memcmp
_CxxThrowException
__std_exception_copy
memset
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initterm_e
_seh_filter_dll
_initialize_onexit_table
_execute_onexit_table
_cexit
_configure_narrow_argv
_initterm

Exports

Exports

PyInit_QtQuick3D

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0401a50b4a3844d1e2126332593d20f

Headers

DLL Characteristics

File Characteristics

Imports

qt6quick3d

qt6core

python3

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 7KB - Virtual size: 7KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 7KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB