4004d50c5cdf21fd697981dd75ce82e0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

4004d50c5cdf21fd697981dd75ce82e0_NeikiAnalytics
Size

32KB
MD5

4004d50c5cdf21fd697981dd75ce82e0
SHA1

be39cbbd29c770bc39ec0e50fb55818b577ae4d0
SHA256

58eb12a14bd52ab4b2a0b4d8259fe3facce3ea6aba4f55f4759ef570d6aa7ac2
SHA512

85529219ed822dd04cfb9ea239dee7ce1aac485f339f178f247fa60f2cfe2e9d24ca1f8130da27debce3154c4ea2f70efb96f9a5f98147c1276dba85944ba346
SSDEEP

384:a6pLQqVmVMhM/A8iuMtpmeAhGTJJM3w/1xNqVOhGlb5qSYRP4Pba07J16RsDk:jAVMe5TMtpmlhGtbNOVOUP7J16z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4004d50c5cdf21fd697981dd75ce82e0_NeikiAnalytics

Files

4004d50c5cdf21fd697981dd75ce82e0_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

b24fae9482c8146013e440cd6cd9d4d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qt5gui

?setOption@QImageIOHandler@@UAEXW4ImageOption@1@ABVQVariant@@@Z
?nextImageDelay@QImageIOHandler@@UBEHXZ
?loopCount@QImageIOHandler@@UBEHXZ
?currentImageRect@QImageIOHandler@@UBE?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UBEHXZ
?fromData@QImage@@SA?AV1@ABVQByteArray@@PBD@Z
?save@QImage@@QBE_NPAVQIODevice@@PBDH@Z
?scaled@QImage@@QBE?AV1@ABVQSize@@W4AspectRatioMode@Qt@@W4TransformationMode@4@@Z
?setAlphaChannel@QImage@@QAEXABV1@@Z
?setColorTable@QImage@@QAEXV?$QVector@I@@@Z
?setPixel@QImage@@QAEXHHI@Z
?scanLine@QImage@@QAEPAEH@Z
?height@QImage@@QBEHXZ
?width@QImage@@QBEHXZ
?isNull@QImage@@QBE_NXZ
??4QImage@@QAEAAV0@$$QAV0@@Z
??4QImage@@QAEAAV0@ABV0@@Z
??1QImage@@UAE@XZ
??0QImage@@QAE@$$QAV0@@Z
??0QImage@@QAE@ABV0@@Z
??0QImage@@QAE@HHW4Format@0@@Z
??0QImage@@QAE@XZ
?setFormat@QImageIOHandler@@QBEXABVQByteArray@@@Z
?device@QImageIOHandler@@QBEPAVQIODevice@@XZ
??1QImageIOHandler@@UAE@XZ
??0QImageIOHandler@@QAE@XZ
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
??1QImageIOPlugin@@UAE@XZ
??0QImageIOPlugin@@QAE@PAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QImageIOPlugin@@UAEPAXPBD@Z
?setFormat@QImageIOHandler@@QAEXABVQByteArray@@@Z
?setDevice@QImageIOHandler@@QAEXPAVQIODevice@@@Z

qt5core

?shared_null@QArrayData@@2QBU1@B
?skipRawData@QDataStream@@QAEHH@Z
?writeRawData@QDataStream@@QAEHPBDH@Z
??6QDataStream@@QAEAAV0@H@Z
??5QDataStream@@QAEAAV0@AAH@Z
??5QDataStream@@QAEAAV0@AAC@Z
?setByteOrder@QDataStream@@QAEXW4ByteOrder@1@@Z
?status@QDataStream@@QBE?AW4Status@1@XZ
?atEnd@QDataStream@@QBE_NXZ
??1QByteArray@@QAE@XZ
?constData@QByteArray@@QBEPBDXZ
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?isOpen@QIODevice@@QBE_NXZ
?isReadable@QIODevice@@QBE_NXZ
?isWritable@QIODevice@@QBE_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
??0QMessageLogger@@QAE@PBDH0@Z
?warning@QMessageLogger@@QBAXPBDZZ
?allocate@QArrayData@@SAPAU1@IIIV?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?deallocate@QArrayData@@SAXPAU1@II@Z
??0QByteArray@@QAE@XZ
??0QByteArray@@QAE@PBDH@Z
??0QByteArray@@QAE@ABV0@@Z
??0QByteArray@@QAE@$$QAV0@@Z
?startsWith@QByteArray@@QBE_NABV1@@Z
?append@QByteArray@@QAEAAV1@D@Z
?append@QByteArray@@QAEAAV1@PBD@Z
?append@QByteArray@@QAEAAV1@ABV1@@Z
?number@QByteArray@@SA?AV1@HH@Z
?number@QByteArray@@SA?AV1@_JH@Z
??0QString@@QAE@ABV0@@Z
??1QString@@QAE@XZ
?at@QString@@QBE?BVQChar@@H@Z
?toLocal8Bit@QString@@QHAE?AVQByteArray@@XZ
?fromLatin1@QString@@SA?AV1@ABVQByteArray@@@Z
?toUInt@QString@@QBEIPA_NH@Z
?read@QIODevice@@QAE?AVQByteArray@@_J@Z
?peek@QIODevice@@QAE?AVQByteArray@@_J@Z
??0QVariant@@QAE@XZ
??0QVariant@@QAE@ABVQByteArray@@@Z
??0QRegularExpression@@QAE@ABVQString@@V?$QFlags@W4PatternOption@QRegularExpression@@@@@Z
??1QRegularExpression@@QAE@XZ
??1QDataStream@@QAE@XZ
??1QRegularExpressionMatch@@QAE@XZ
?hasMatch@QRegularExpressionMatch@@QBE_NXZ
?captured@QRegularExpressionMatch@@QBE?AVQString@@ABV2@@Z
??0QBuffer@@QAE@PAVQByteArray@@PAVQObject@@@Z
??1QBuffer@@UAE@XZ
?open@QBuffer@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?close@QBuffer@@UAEXXZ
??0QDataStream@@QAE@PAVQIODevice@@@Z
?match@QRegularExpression@@QBE?AVQRegularExpressionMatch@@ABVQString@@HW4MatchType@1@V?$QFlags@W4MatchOption@QRegularExpression@@@@@Z

kernel32

TerminateProcess
GetCurrentProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

memcpy
memset
__vcrt_InitializeCriticalSectionEx
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__std_exception_copy
__std_exception_destroy
_CxxThrowException
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-math-l1-1-0

_libm_sse2_sqrt_precise

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_configure_narrow_argv
_cexit
_initterm
_initterm_e
_seh_filter_dll
_crt_atexit

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b24fae9482c8146013e440cd6cd9d4d6

Headers

DLL Characteristics

File Characteristics

Imports

qt5gui

qt5core

kernel32

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 2KB

.qtmetad Size: 512B - Virtual size: 296B

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 76B

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 2KB

.qtmetad
Size: 512B - Virtual size: 296B

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 76B

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 1KB - Virtual size: 1KB