443bd90a5b3bd9db070ae5fb6be539f0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

443bd90a5b3bd9db070ae5fb6be539f0_NeikiAnalytics
Size

122KB
MD5

443bd90a5b3bd9db070ae5fb6be539f0
SHA1

20ad2e44c13944de0a1c574c2a1c8b4718aa4b69
SHA256

2ca423856ec197b79431529eaa35c610f85a03a1c5f56ccde6e05c44bf04375c
SHA512

a66503bdbdf088928ca5a58206ba8943a3ce187233700af18ce94f7e8de1e26ec1f714d0bb2e046a7b4843e669cde01c4534c7311e801a65541998e4240e976d
SSDEEP

1536:tzML0zP8FXIDgzFSI7d/x1bt6qhlfnUxDtOnPglA:tzMYzTIjp/x1J6ilfnUxDtOI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
443bd90a5b3bd9db070ae5fb6be539f0_NeikiAnalytics

Files

443bd90a5b3bd9db070ae5fb6be539f0_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

9e25910557870c9fe671b72d1751acf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Program Files (x86)\AMD\OpenGL ES 2.0 Emulator v1.4\Samples\esTriangle\Debug\esTriangle.pdb

Imports

kernel32

SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
GetStdHandle
AllocConsole
GetModuleHandleA
VirtualQuery
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadLibraryA
GetProcAddress
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
DebugBreak
RaiseException
IsDebuggerPresent
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
FreeLibrary

user32

SetForegroundWindow
ShowWindow
CreateWindowExA
MessageBoxA
RegisterClassA
LoadCursorA
LoadIconA
DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetFocus

msvcp90d

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?fail@ios_base@std@@QBE_NXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@U_Has_debug_it@01@@Z
?eof@ios_base@std@@QBE_NXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
??0_Container_base_secure@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Container_base_secure@std@@QAE@XZ
?_Orphan_all@_Container_base_secure@std@@QBEXXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Debug_message@std@@YAXPB_W0I@Z
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

msvcr90d

??2@YAPAXI@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
fclose
malloc
fread
fopen_s
strcpy_s
memset
memcpy
strcmp
_invalid_parameter
_CrtDbgReportW
memmove_s
_CRT_RTC_INITW
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
??0exception@std@@QAE@XZ
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_amsg_exit
__getmainargs
_exit
_XcptFilter
_cexit
_ismbblead
_acmdln
_CrtSetCheckCount
_initterm
_initterm_e
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
__CxxFrameHandler3
exit
_open_osfhandle
_fdopen
__iob_func
setvbuf
??_V@YAXPAX@Z
_wassert
free
_configthreadlocale

libegl

eglMakeCurrent
eglCreateWindowSurface
eglChooseConfig
eglGetConfigs
eglInitialize
eglGetDisplay
eglTerminate
eglDestroySurface
eglDestroyContext
eglSwapBuffers
eglCreateContext

libglesv2

glUniform4f
glUniform3f
glUniform2f
glUniform1f
glGetUniformLocation
glGetIntegerv
glFramebufferTexture2D
glFramebufferRenderbuffer
glUniformMatrix4fv
glBindRenderbuffer
glGenRenderbuffers
glBindFramebuffer
glDeleteRenderbuffers
glDeleteFramebuffers
glDeleteProgram
glDeleteShader
glDeleteTextures
glBindAttribLocation
glGenTextures
glActiveTexture
glBindTexture
glTexParameteri
glTexImage2D
glUniform1i
glGenFramebuffers
glCreateProgram
glCreateShader
glAttachShader
glGetShaderInfoLog
glShaderBinary
glLinkProgram
glGetProgramiv
glGetProgramInfoLog
glShaderSource
glCompileShader
glGetShaderiv
glViewport
glClearColor
glClear
glUseProgram
glVertexAttribPointer
glEnableVertexAttribArray
glRenderbufferStorage
glDrawElements

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e25910557870c9fe671b72d1751acf3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp90d

msvcr90d

libegl

libglesv2

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 2KB

.idata Size: 10KB - Virtual size: 9KB

.rsrc Size: 3KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 2KB

.idata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 3KB - Virtual size: 3KB