sfsu.pdb
Static task
static1
Behavioral task
behavioral1
Sample
82220362c1e195a43e066d80a90455e0_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
82220362c1e195a43e066d80a90455e0_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
82220362c1e195a43e066d80a90455e0_NeikiAnalytics
-
Size
9.4MB
-
MD5
82220362c1e195a43e066d80a90455e0
-
SHA1
a51dbe4634359243dcb199ff40e67ab7603ad8db
-
SHA256
ab8817465dae69375a05b680d5db73e4e368930010a7e01ef1e70b03fac8c67d
-
SHA512
f560cbbad47779abedda61bcaada4ab7e01f747394c6cd2b4e90dd355dd3631b1f308212a6bd1c7477735980eec96f40d2990da2ab4e922a598740e15fc67a08
-
SSDEEP
196608:jgTZDgw1SMlG3AReRNrDvEyiKTV6MW1afGv5Z1iaJh:MTZ07MjCrD8GVNZ+r1ian
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 82220362c1e195a43e066d80a90455e0_NeikiAnalytics
Files
-
82220362c1e195a43e066d80a90455e0_NeikiAnalytics.exe windows:6 windows x86 arch:x86
528802c6f6ba9d31f1fb293c0ee61d85
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
api-ms-win-core-synch-l1-2-0
WakeByAddressAll
WaitOnAddress
WakeByAddressSingle
bcryptprimitives
ProcessPrng
kernel32
GetCurrentThreadId
GetSystemTimes
CreateNamedPipeW
LoadLibraryA
WaitForSingleObjectEx
SetConsoleTextAttribute
FormatMessageA
SetConsoleMode
DeleteProcThreadAttributeList
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
GetExitCodeThread
SetFilePointer
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
GetFileAttributesW
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
CompareStringOrdinal
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReadConsoleW
WideCharToMultiByte
FindFirstFileW
CreateDirectoryW
FindNextFileW
SetFilePointerEx
GetConsoleMode
SetThreadStackGuarantee
GetFinalPathNameByHandleW
GetFullPathNameW
GetFileInformationByHandle
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetSystemDirectoryA
FreeLibrary
CreateSymbolicLinkW
GetConsoleScreenBufferInfo
SetUnhandledExceptionFilter
DuplicateHandle
SetFileInformationByHandle
CreateFileW
GetCommandLineW
GetModuleFileNameW
SystemTimeToFileTime
MoveFileExW
GetSystemTime
GetCurrentProcessId
SetFileTime
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesExW
GetExitCodeProcess
ReadFileEx
WaitForMultipleObjects
GetOverlappedResult
CreateEventW
LocalFree
CancelIo
LoadLibraryExA
ReadFile
ExitProcess
GlobalFree
GetBinaryTypeW
GlobalAlloc
VerifyVersionInfoA
GetSystemTimeAsFileTime
CreateFileA
CreateEventA
WaitNamedPipeA
GetTempPathW
TerminateProcess
WaitForSingleObject
DeleteFileW
ExpandEnvironmentStringsW
IsDebuggerPresent
HeapReAlloc
QueryPerformanceCounter
CreateMutexA
GetEnvironmentVariableW
GetCurrentDirectoryW
FormatMessageW
GetProcAddress
SwitchToThread
FindClose
GetSystemInfo
GetStdHandle
CloseHandle
GetLastError
SetLastError
GetFileType
GetCurrentProcess
GetNativeSystemInfo
TlsSetValue
TlsGetValue
HeapFree
lstrlenW
GetModuleHandleW
QueryPerformanceFrequency
WriteConsoleW
MultiByteToWideChar
TlsFree
InitOnceComplete
TlsAlloc
InitOnceBeginInitialize
GetVolumeInformationW
HeapAlloc
GetProcessHeap
ReleaseMutex
GetCurrentThread
RtlCaptureContext
FindFirstFileExW
VerSetConditionMask
PostQueuedCompletionStatus
DeviceIoControl
GetShortPathNameW
WriteFile
CreateThread
Sleep
GetModuleHandleA
AddVectoredExceptionHandler
SetFileCompletionNotificationModes
CreateIoCompletionPort
SetHandleInformation
GetQueuedCompletionStatusEx
SleepEx
WriteFileEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetConsoleCursorPosition
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetFileInformationByHandleEx
GetSystemTimePreciseAsFileTime
GetTickCount64
GetTimeZoneInformationForYear
FlushFileBuffers
InitializeSListHead
advapi32
SystemFunction036
RegOpenKeyExW
GetNamedSecurityInfoW
CheckTokenMembership
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegQueryValueExW
CopySid
EqualSid
GetLengthSid
CryptGetHashParam
IsValidSid
IsWellKnownSid
CryptCreateHash
CryptDestroyHash
CryptHashData
RegCloseKey
OpenProcessToken
GetTokenInformation
user32
GetSystemMetrics
FindWindowA
SendMessageA
bcrypt
BCryptGenRandom
BCryptGetProperty
BCryptDestroyHash
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptDeriveKey
BCryptSecretAgreement
BCryptVerifySignature
BCryptSignHash
BCryptDestroySecret
BCryptDestroyKey
BCryptFinalizeKeyPair
BCryptImportKeyPair
BCryptImportKey
BCryptExportKey
BCryptDecrypt
BCryptEncrypt
BCryptGenerateKeyPair
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptOpenAlgorithmProvider
crypt32
CertAddCertificateContextToStore
CertDuplicateStore
CertEnumCertificatesInStore
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertDuplicateCertificateChain
CertDuplicateCertificateContext
CertFreeCertificateContext
CertCloseStore
CryptDecodeObjectEx
CertOpenStore
ntdll
RtlNtStatusToDosError
RtlGetVersion
NtReadFile
NtCreateFile
NtDeviceIoControlFile
NtWriteFile
NtCancelIoFileEx
shell32
SHGetKnownFolderPath
ole32
CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance
ws2_32
bind
ioctlsocket
WSASocketW
connect
getsockopt
getaddrinfo
freeaddrinfo
WSAStartup
shutdown
setsockopt
recv
WSACleanup
send
closesocket
WSASend
select
htonl
htons
getsockname
WSAGetLastError
getpeername
WSAPoll
ntohl
ntohs
socket
WSAIoctl
secur32
ApplyControlToken
QueryContextAttributesW
EncryptMessage
InitializeSecurityContextW
FreeCredentialsHandle
DeleteSecurityContext
AcquireCredentialsHandleA
AcceptSecurityContext
FreeContextBuffer
DecryptMessage
oleaut32
SysFreeString
SysStringLen
GetErrorInfo
rpcrt4
UuidCreate
winhttp
WinHttpSetStatusCallback
WinHttpOpen
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpConnect
WinHttpReadData
WinHttpWriteData
WinHttpQueryOption
WinHttpSetOption
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpQueryAuthSchemes
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpSetCredentials
vcruntime140
memcmp
memmove
memset
_CxxThrowException
__CxxFrameHandler3
strchr
_except_handler4_common
__current_exception_context
strstr
strrchr
__current_exception
memchr
memcpy
api-ms-win-crt-string-l1-1-0
isdigit
toupper
isupper
islower
isspace
tolower
isalnum
isxdigit
strspn
ispunct
isprint
iscntrl
wcsncmp
strlen
wcslen
isalpha
strcat_s
strcmp
_stricmp
strnlen
strncmp
strncpy
strcspn
_strnicmp
api-ms-win-crt-math-l1-1-0
ldexp
fmod
truncf
trunc
round
ceil
__setusermatherr
pow
floor
log
api-ms-win-crt-heap-l1-1-0
realloc
free
calloc
malloc
_set_new_mode
api-ms-win-crt-stdio-l1-1-0
fflush
__p__commode
_close
__stdio_common_vsprintf
_read
_write
feof
fopen
__acrt_iob_func
__stdio_common_vsprintf_s
fread
fclose
_chsize_s
_get_osfhandle
_open_osfhandle
__stdio_common_vsnprintf_s
rewind
fgets
__stdio_common_vfprintf
_lseeki64
fputc
_set_fmode
fwrite
__stdio_common_vswprintf_s
api-ms-win-crt-runtime-l1-1-0
_initterm
_errno
_set_app_type
abort
_get_initial_narrow_environment
_register_onexit_function
_configure_narrow_argv
_initialize_narrow_environment
_controlfp_s
terminate
strerror
_initialize_onexit_table
_seh_filter_exe
exit
_crt_atexit
_cexit
_wassert
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
_exit
_initterm_e
api-ms-win-crt-filesystem-l1-1-0
_getdrive
_wchmod
remove
_waccess
_wrmdir
_wmkdir
api-ms-win-crt-time-l1-1-0
_mktime64
_time64
_gmtime64
_difftime64
_localtime64
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-convert-l1-1-0
strtoul
strtol
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Exports
OnigDefaultCaseFoldFlag
OnigDefaultSyntax
OnigEncodingASCII
OnigEncodingUTF8
OnigSyntaxOniguruma
OnigSyntaxRuby
git_annotated_commit_free
git_annotated_commit_from_fetchhead
git_annotated_commit_from_ref
git_annotated_commit_from_revspec
git_annotated_commit_id
git_annotated_commit_lookup
git_annotated_commit_ref
git_attr_add_macro
git_attr_cache_flush
git_attr_foreach
git_attr_foreach_ext
git_attr_get
git_attr_get_ext
git_attr_get_many
git_attr_get_many_ext
git_attr_value
git_blob_create_from_buffer
git_blob_create_from_disk
git_blob_create_from_stream
git_blob_create_from_stream_commit
git_blob_create_from_workdir
git_blob_create_frombuffer
git_blob_create_fromdisk
git_blob_create_fromstream
git_blob_create_fromstream_commit
git_blob_create_fromworkdir
git_blob_data_is_binary
git_blob_dup
git_blob_filter
git_blob_filter_options_init
git_blob_filtered_content
git_blob_free
git_blob_id
git_blob_is_binary
git_blob_lookup
git_blob_lookup_prefix
git_blob_owner
git_blob_rawcontent
git_blob_rawsize
git_branch_create
git_branch_create_from_annotated
git_branch_delete
git_branch_is_checked_out
git_branch_is_head
git_branch_iterator_free
git_branch_iterator_new
git_branch_lookup
git_branch_move
git_branch_name
git_branch_name_is_valid
git_branch_next
git_branch_remote_name
git_branch_set_upstream
git_branch_upstream
git_branch_upstream_merge
git_branch_upstream_name
git_branch_upstream_remote
git_buf_contains_nul
git_buf_dispose
git_buf_free
git_buf_grow
git_buf_is_binary
git_buf_set
git_checkout_head
git_checkout_index
git_checkout_init_options
git_checkout_options_init
git_checkout_tree
git_clone
git_clone_init_options
git_clone_options_init
git_commit_amend
git_commit_author
git_commit_author_with_mailmap
git_commit_body
git_commit_committer
git_commit_committer_with_mailmap
git_commit_create
git_commit_create_buffer
git_commit_create_from_callback
git_commit_create_from_ids
git_commit_create_v
git_commit_create_with_signature
git_commit_dup
git_commit_extract_signature
git_commit_free
git_commit_graph_free
git_commit_graph_open
git_commit_graph_writer_add_index_file
git_commit_graph_writer_add_revwalk
git_commit_graph_writer_commit
git_commit_graph_writer_dump
git_commit_graph_writer_free
git_commit_graph_writer_new
git_commit_graph_writer_options_init
git_commit_header_field
git_commit_id
git_commit_lookup
git_commit_lookup_prefix
git_commit_message
git_commit_message_encoding
git_commit_message_raw
git_commit_nth_gen_ancestor
git_commit_owner
git_commit_parent
git_commit_parent_id
git_commit_parentcount
git_commit_raw_header
git_commit_summary
git_commit_time
git_commit_time_offset
git_commit_tree
git_commit_tree_id
git_config_add_backend
git_config_add_file_ondisk
git_config_backend_foreach_match
git_config_delete_entry
git_config_delete_multivar
git_config_entry_free
git_config_find_global
git_config_find_programdata
git_config_find_system
git_config_find_xdg
git_config_foreach
git_config_foreach_match
git_config_free
git_config_get_bool
git_config_get_entry
git_config_get_int32
git_config_get_int64
git_config_get_mapped
git_config_get_multivar_foreach
git_config_get_path
git_config_get_string
git_config_get_string_buf
git_config_init_backend
git_config_iterator_free
git_config_iterator_glob_new
git_config_iterator_new
git_config_lock
git_config_lookup_map_value
git_config_multivar_iterator_new
git_config_new
git_config_next
git_config_open_default
git_config_open_global
git_config_open_level
git_config_open_ondisk
git_config_parse_bool
git_config_parse_int32
git_config_parse_int64
git_config_parse_path
git_config_set_bool
git_config_set_int32
git_config_set_int64
git_config_set_multivar
git_config_set_string
git_config_snapshot
git_config_unlock
git_cred_default_new
git_cred_free
git_cred_get_username
git_cred_has_username
git_cred_ssh_custom_new
git_cred_ssh_interactive_new
git_cred_ssh_key_from_agent
git_cred_ssh_key_memory_new
git_cred_ssh_key_new
git_cred_username_new
git_cred_userpass_plaintext_new
git_credential_default_new
git_credential_free
git_credential_get_username
git_credential_has_username
git_credential_ssh_custom_new
git_credential_ssh_interactive_new
git_credential_ssh_key_from_agent
git_credential_ssh_key_memory_new
git_credential_ssh_key_new
git_credential_username_new
git_credential_userpass_plaintext_new
git_diff_blob_to_buffer
git_diff_blobs
git_diff_buffers
git_diff_commit_as_email
git_diff_find_init_options
git_diff_find_options_init
git_diff_find_similar
git_diff_foreach
git_diff_format_email
git_diff_format_email_init_options
git_diff_format_email_options_init
git_diff_free
git_diff_get_delta
git_diff_get_perfdata
git_diff_get_stats
git_diff_index_to_index
git_diff_index_to_workdir
git_diff_init_options
git_diff_is_sorted_icase
git_diff_merge
git_diff_num_deltas
git_diff_num_deltas_of_type
git_diff_options_init
git_diff_patchid
git_diff_patchid_options_init
git_diff_print
git_diff_print_callback__to_buf
git_diff_print_callback__to_file_handle
git_diff_stats_deletions
git_diff_stats_files_changed
git_diff_stats_free
git_diff_stats_insertions
git_diff_stats_to_buf
git_diff_status_char
git_diff_to_buf
git_diff_tree_to_index
git_diff_tree_to_tree
git_diff_tree_to_workdir
git_diff_tree_to_workdir_with_index
git_email_create_from_commit
git_email_create_from_diff
git_error_clear
git_error_last
git_error_set
git_error_set_oom
git_error_set_str
git_fetch_init_options
git_fetch_options_init
git_filter_init
git_filter_list_apply_to_blob
git_filter_list_apply_to_buffer
git_filter_list_apply_to_data
git_filter_list_apply_to_file
git_filter_list_contains
git_filter_list_free
git_filter_list_length
git_filter_list_load
git_filter_list_load_ext
git_filter_list_new
git_filter_list_push
git_filter_list_stream_blob
git_filter_list_stream_buffer
git_filter_list_stream_data
git_filter_list_stream_file
git_filter_lookup
git_filter_register
git_filter_source_filemode
git_filter_source_flags
git_filter_source_id
git_filter_source_mode
git_filter_source_path
git_filter_source_repo
git_filter_unregister
git_graph_ahead_behind
git_graph_descendant_of
git_graph_reachable_from_any
git_hashsig_compare
git_hashsig_create
git_hashsig_create_fromfile
git_hashsig_free
git_ignore_add_rule
git_ignore_clear_internal_rules
git_ignore_path_is_ignored
git_index_add
git_index_add_all
git_index_add_bypath
git_index_add_from_buffer
git_index_add_frombuffer
git_index_caps
git_index_checksum
git_index_clear
git_index_conflict_add
git_index_conflict_cleanup
git_index_conflict_get
git_index_conflict_iterator_free
git_index_conflict_iterator_new
git_index_conflict_next
git_index_conflict_remove
git_index_entry_is_conflict
git_index_entry_stage
git_index_entrycount
git_index_find
git_index_find_prefix
git_index_free
git_index_get_byindex
git_index_get_bypath
git_index_has_conflicts
git_index_iterator_free
git_index_iterator_new
git_index_iterator_next
git_index_name_add
git_index_name_clear
git_index_name_entrycount
git_index_name_get_byindex
git_index_new
git_index_open
git_index_owner
git_index_path
git_index_read
git_index_read_tree
git_index_remove
git_index_remove_all
git_index_remove_bypath
git_index_remove_directory
git_index_reuc_add
git_index_reuc_clear
git_index_reuc_entrycount
git_index_reuc_find
git_index_reuc_get_byindex
git_index_reuc_get_bypath
git_index_reuc_remove
git_index_set_caps
git_index_set_version
git_index_update_all
git_index_version
git_index_write
git_index_write_tree
git_index_write_tree_to
git_indexer_append
git_indexer_commit
git_indexer_free
git_indexer_hash
git_indexer_init_options
git_indexer_name
git_indexer_new
git_indexer_options_init
git_libgit2_features
git_libgit2_init
git_libgit2_opts
git_libgit2_prerelease
git_libgit2_shutdown
git_libgit2_version
git_mailmap_add_entry
git_mailmap_free
git_mailmap_from_buffer
git_mailmap_from_repository
git_mailmap_new
git_mailmap_resolve
git_mailmap_resolve_signature
git_merge
git_merge_analysis
git_merge_analysis_for_ref
git_merge_base
git_merge_base_many
git_merge_base_octopus
git_merge_bases
git_merge_bases_many
git_merge_commits
git_merge_driver_lookup
git_merge_driver_register
git_merge_driver_source_ancestor
git_merge_driver_source_file_options
git_merge_driver_source_ours
git_merge_driver_source_repo
git_merge_driver_source_theirs
git_merge_driver_unregister
git_merge_file
git_merge_file_from_index
git_merge_file_init_input
git_merge_file_init_options
git_merge_file_input_init
git_merge_file_options_init
git_merge_file_result_free
git_merge_init_options
git_merge_options_init
git_merge_trees
git_midx_writer_add
git_midx_writer_commit
git_midx_writer_dump
git_midx_writer_free
git_midx_writer_new
git_object__size
git_object_dup
git_object_free
git_object_id
git_object_lookup
git_object_lookup_bypath
git_object_lookup_prefix
git_object_owner
git_object_peel
git_object_rawcontent_is_valid
git_object_short_id
git_object_string2type
git_object_type
git_object_type2string
git_object_typeisloose
git_odb__backend_loose
git_odb_add_alternate
git_odb_add_backend
git_odb_add_disk_alternate
git_odb_backend_data_alloc
git_odb_backend_data_free
git_odb_backend_loose
git_odb_backend_malloc
git_odb_backend_one_pack
git_odb_backend_pack
git_odb_exists
git_odb_exists_ext
git_odb_exists_prefix
git_odb_expand_ids
git_odb_foreach
git_odb_free
git_odb_get_backend
git_odb_hash
git_odb_hashfile
git_odb_init_backend
git_odb_new
git_odb_num_backends
git_odb_object_data
git_odb_object_dup
git_odb_object_free
git_odb_object_id
git_odb_object_size
git_odb_object_type
git_odb_open
git_odb_open_rstream
git_odb_open_wstream
git_odb_read
git_odb_read_header
git_odb_read_prefix
git_odb_refresh
git_odb_set_commit_graph
git_odb_stream_finalize_write
git_odb_stream_free
git_odb_stream_read
git_odb_stream_write
git_odb_write
git_odb_write_multi_pack_index
git_odb_write_pack
git_oid_cmp
git_oid_cpy
git_oid_equal
git_oid_fmt
git_oid_fromraw
git_oid_fromstr
git_oid_fromstrn
git_oid_fromstrp
git_oid_is_zero
git_oid_iszero
git_oid_ncmp
git_oid_nfmt
git_oid_pathfmt
git_oid_shorten_add
git_oid_shorten_free
git_oid_shorten_new
git_oid_strcmp
git_oid_streq
git_oid_tostr
git_oid_tostr_s
git_oidarray_dispose
git_oidarray_free
git_openssl_set_locking
git_packbuilder_foreach
git_packbuilder_free
git_packbuilder_hash
git_packbuilder_insert
git_packbuilder_insert_commit
git_packbuilder_insert_recur
git_packbuilder_insert_tree
git_packbuilder_insert_walk
git_packbuilder_name
git_packbuilder_new
git_packbuilder_object_count
git_packbuilder_set_callbacks
git_packbuilder_set_threads
git_packbuilder_write
git_packbuilder_write_buf
git_packbuilder_written
git_patch_free
git_patch_from_blob_and_buffer
git_patch_from_blobs
git_patch_from_buffers
git_patch_from_diff
git_patch_get_delta
git_patch_get_hunk
git_patch_get_line_in_hunk
git_patch_line_stats
git_patch_num_hunks
git_patch_num_lines_in_hunk
git_patch_owner
git_patch_print
git_patch_size
git_patch_to_buf
git_path_is_gitfile
git_pathspec_free
git_pathspec_match_diff
git_pathspec_match_index
git_pathspec_match_list_diff_entry
git_pathspec_match_list_entry
git_pathspec_match_list_entrycount
git_pathspec_match_list_failed_entry
git_pathspec_match_list_failed_entrycount
git_pathspec_match_list_free
Sections
.text Size: 6.3MB - Virtual size: 6.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 66KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ