Static task
static1
Behavioral task
behavioral1
Sample
558db338338fcddf0bf7e5b87b5a0030_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
558db338338fcddf0bf7e5b87b5a0030_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
558db338338fcddf0bf7e5b87b5a0030_NeikiAnalytics
-
Size
172KB
-
MD5
558db338338fcddf0bf7e5b87b5a0030
-
SHA1
15de8682dc10ddc7eeb8416b395d48256c031012
-
SHA256
efb5800d8cc21c61d9834a29604c51354f9d5f377e5206f44f7ca3545d00177d
-
SHA512
6ee3882c89f2fa76b4cbcde41c2f1fb5656dedf05fb156704510cc533abc3361de7e1158bc585a2ec04f5fe9129b016122e13e39d2417f324e5f3d5146470297
-
SSDEEP
3072:M+fefm2Tu8qH31U8qItd8Bf3uysaJ83AYwMaefLEUpM9HKaSPOIwW2:MVfrFqH31U8LdNy783tbaezEUW9HKaSW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
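Checks for a missing Authenticode signature. The absence of a signature is a weak indicator on its own, since many legitimate builds are also unsigned, and should be weighed together with the results of the behavioral tasks.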
resource 558db338338fcddf0bf7e5b87b5a0030_NeikiAnalytics
Files
-
558db338338fcddf0bf7e5b87b5a0030_NeikiAnalytics.exe windows:4 windows x86 arch:x86
83d7c35c144812d3ea80b072bb095851
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
qt5core
_Z21qRegisterResourceDataiPKhS0_S0_
_Z23qUnregisterResourceDataiPKhS0_S0_
_Z5qHashRK10QByteArrayj
_Z5qrandv
_Z9qBadAllocv
_ZN10QArrayData10deallocateEPS_jj
_ZN10QArrayData11shared_nullE
_ZN10QArrayData8allocateEjjj6QFlagsINS_16AllocationOptionEE
_ZN10QByteArray11reallocDataEj6QFlagsIN10QArrayData16AllocationOptionEE
_ZN10QByteArray6expandEi
_ZN10QByteArray6numberEyi
_ZN10QByteArrayC1EPKci
_ZN10QByteArrayC1Eic
_ZN10QByteArrayaSERKS_
_ZN11QFileDevice4seekEx
_ZN11QFileDevice5closeEv
_ZN11QFileDevice5flushEv
_ZN11QMetaObject10ConnectionD1Ev
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN12QDirIterator4nextEv
_ZN12QDirIteratorC1ERK7QString6QFlagsIN4QDir6FilterEES3_INS_12IteratorFlagEE
_ZN12QDirIteratorC1ERK7QString6QFlagsINS_12IteratorFlagEE
_ZN12QDirIteratorD1Ev
_ZN16QCoreApplication18applicationDirPathEv
_ZN16QCoreApplication4quitEv
_ZN16QXmlStreamReader18skipCurrentElementEv
_ZN16QXmlStreamReader20readNextStartElementEv
_ZN16QXmlStreamReader22setNamespaceProcessingEb
_ZN16QXmlStreamReaderC1EP9QIODevice
_ZN16QXmlStreamReaderD1Ev
_ZN16QXmlStreamWriter14writeAttributeERK7QStringS2_
_ZN16QXmlStreamWriter15writeEndElementEv
_ZN16QXmlStreamWriter16writeEndDocumentEv
_ZN16QXmlStreamWriter17setAutoFormattingEb
_ZN16QXmlStreamWriter17writeStartElementERK7QString
_ZN16QXmlStreamWriter18writeStartDocumentEv
_ZN16QXmlStreamWriter23setAutoFormattingIndentEi
_ZN16QXmlStreamWriterC1EP9QIODevice
_ZN16QXmlStreamWriterD1Ev
_ZN18QCryptographicHash7addDataERK10QByteArray
_ZN18QCryptographicHashC1ENS_9AlgorithmE
_ZN18QCryptographicHashD1Ev
_ZN19QXmlStreamAttributeD1Ev
_ZN4QDir10setCurrentERK7QString
_ZN4QDirC1ERK7QString
_ZN4QDirD1Ev
_ZN5QFile4openE6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN5QFile6existsERK7QString
_ZN5QFile6removeERK7QString
_ZN5QFile6removeEv
_ZN5QFile6resizeEx
_ZN5QFileC1ERK7QString
_ZN5QFileD1Ev
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11deleteLaterEv
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject11setPropertyEPKcRK8QVariant
_ZN7QObject13connectNotifyERK11QMetaMethod
_ZN7QObject16disconnectNotifyERK11QMetaMethod
_ZN7QObject16staticMetaObjectE
_ZN7QObject5eventEP6QEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QObjectC2EPS_
_ZN7QObjectD2Ev
_ZN7QString11reallocDataEjb
_ZN7QString13toUtf8_helperERKS_
_ZN7QString14compare_helperEPK5QChariPKciN2Qt15CaseSensitivityE
_ZN7QString15fromUtf8_helperEPKci
_ZN7QString16fromAscii_helperEPKci
_ZN7QString6appendERKS_
_ZN7QString6expandEi
_ZN7QString6insertEi5QChar
_ZN7QString6numberEii
_ZN7QString6numberEyi
_ZN7QStringC1Ei5QChar
_ZN7QStringaSERKS_
_ZN8QProcess4killEv
_ZN8QProcess5startERK7QStringRK11QStringList6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN8QProcessC1EP7QObject
_ZN8QVariantC1ERK10QByteArray
_ZN8QVariantC1ERK7QString
_ZN8QVariantC1Ei
_ZN8QVariantC1Ey
_ZN8QVariantD1Ev
_ZN9QDateTime22currentMSecsSinceEpochEv
_ZN9QFileInfoC1ERKS_
_ZN9QFileInfoD1Ev
_ZN9QHashData11free_helperEPFvPNS_4NodeEE
_ZN9QHashData11shared_nullE
_ZN9QHashData12allocateNodeEi
_ZN9QHashData13detach_helperEPFvPNS_4NodeEPvEPFvS1_Eii
_ZN9QHashData6rehashEi
_ZN9QHashData8freeNodeEPv
_ZN9QHashData8nextNodeEPNS_4NodeE
_ZN9QIODevice4readEPcx
_ZN9QIODevice5writeEPKcx
_ZN9QIODevice7getCharEPc
_ZN9QListData11detach_growEPii
_ZN9QListData11shared_nullE
_ZN9QListData5eraseEPPv
_ZN9QListData6appendEv
_ZN9QListData6detachEi
_ZN9QListData6removeEi
_ZN9QListData7disposeEPNS_4DataE
_ZN9QListData7reallocEi
_ZNK10QByteArray3midEii
_ZNK10QByteArray4leftEi
_ZNK10QByteArray5toHexEv
_ZNK10QByteArray6isNullEv
_ZNK10QStringRef8toStringEv
_ZNK11QMetaObject2trEPKcS1_i
_ZNK11QObjectData17dynamicMetaObjectEv
_ZNK12QDirIterator8fileInfoEv
_ZNK12QDirIterator8fileNameEv
_ZNK16QXmlStreamReader10attributesEv
_ZNK16QXmlStreamReader4nameEv
_ZNK16QXmlStreamReader5errorEv
_ZNK16QXmlStreamWriter8hasErrorEv
_ZNK18QCryptographicHash6resultEv
_ZNK4QDir13entryInfoListE6QFlagsINS_6FilterEES0_INS_8SortFlagEE
_ZNK4QDir5mkdirERK7QString
_ZNK4QDir5rmdirERK7QString
_ZNK4QDir6existsEv
_ZNK5QFile4sizeEv
_ZNK5QFile6existsEv
_ZNK7QObject6senderEv
_ZNK7QObject8propertyEPKc
_ZNK7QString3argERKS_i5QChar
_ZNK7QString3argExii5QChar
_ZNK7QString3argEyii5QChar
_ZNK7QString3midEii
_ZNK7QString4leftEi
_ZNK7QString6toUIntEPbi
_ZNK8QProcess3pidEv
_ZNK8QVariant11toByteArrayEv
_ZNK8QVariant5toIntEPb
_ZNK8QVariant6isNullEv
_ZNK8QVariant7convertEiPv
_ZNK8QVariant8toStringEv
_ZNK8QVariant8userTypeEv
_ZNK8QVariant9constDataEv
_ZNK9QFileInfo16absoluteFilePathEv
_ZNK9QFileInfo4sizeEv
_ZNK9QFileInfo5isDirEv
_ZNK9QFileInfo6isFileEv
_ZeqRK7QStringS1_
qt5gui
_ZN12QFontMetricsC1ERK5QFont
_ZN12QFontMetricsD1Ev
_ZN12QKeySequenceC1Eiiii
_ZN12QKeySequenceD1Ev
_ZN15QGuiApplication25setQuitOnLastWindowClosedEb
_ZN5QIconC1ERK7QString
_ZN5QIconD1Ev
_ZNK12QFontMetrics11lineSpacingEv
_ZNK12QFontMetrics5widthERK7QStringi
_ZNK5QIconcv8QVariantEv
qt5network
_ZN10QTcpServer11qt_metacallEN11QMetaObject4CallEiPPv
_ZN10QTcpServer11qt_metacastEPKc
_ZN10QTcpServer16staticMetaObjectE
_ZN10QTcpServer18incomingConnectionEi
_ZN10QTcpServer21nextPendingConnectionEv
_ZN10QTcpServer6listenERK12QHostAddresst
_ZN10QTcpServerC2EP7QObject
_ZN10QTcpServerD2Ev
_ZN12QHostAddressC1ENS_14SpecialAddressE
_ZN12QHostAddressD1Ev
_ZNK10QTcpServer21hasPendingConnectionsEv
_ZNK12QHostAddress13toIPv4AddressEv
_ZNK12QHostAddress8protocolEv
_ZNK12QHostAddress8toStringEv
_ZNK12QHostAddresseqENS_14SpecialAddressE
_ZNK15QAbstractSocket11peerAddressEv
qt5widgets
_ZN10QBoxLayout9addWidgetEP7QWidgeti6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QGridLayout10setSpacingEi
_ZN11QGridLayout13setRowStretchEii
_ZN11QGridLayout19setRowMinimumHeightEii
_ZN11QGridLayout20setHorizontalSpacingEi
_ZN11QGridLayout21setColumnMinimumWidthEii
_ZN11QGridLayout9addWidgetEP7QWidgetii6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QGridLayout9addWidgetEP7QWidgetiiii6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QGridLayoutC1EP7QWidget
_ZN11QListWidget11insertItemsEiRK11QStringList
_ZN11QListWidgetC1EP7QWidget
_ZN11QMessageBox8criticalEP7QWidgetRK7QStringS4_6QFlagsINS_14StandardButtonEES6_
_ZN11QPushButtonC1ERK7QStringP7QWidget
_ZN11QTreeWidget14setCurrentItemEP15QTreeWidgetItem
_ZN11QTreeWidgetC1EP7QWidget
_ZN11QVBoxLayoutC1EP7QWidget
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPci
_ZN12QApplicationD1Ev
_ZN12QProgressBar8setRangeEii
_ZN12QProgressBar8setValueEi
_ZN12QProgressBarC1EP7QWidget
_ZN15QSystemTrayIcon10setToolTipERK7QString
_ZN15QSystemTrayIcon10setVisibleEb
_ZN15QSystemTrayIcon14setContextMenuEP5QMenu
_ZN15QSystemTrayIconC1ERK5QIconP7QObject
_ZN15QTreeWidgetItem11insertChildEiPS_
_ZN15QTreeWidgetItem8addChildEPS_
_ZN15QTreeWidgetItemC1EPS_i
_ZN15QTreeWidgetItemC1Ei
_ZN16QDialogButtonBoxC1E6QFlagsINS_14StandardButtonEEP7QWidget
_ZN5QMenu9addActionERK7QStringPK7QObjectPKcRK12QKeySequence
_ZN5QMenuC1EP7QWidget
_ZN5QMenuD1Ev
_ZN6QLabel7setTextERK7QString
_ZN6QLabelC1ERK7QStringP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QDialog10closeEventEP11QCloseEvent
_ZN7QDialog10setVisibleEb
_ZN7QDialog11eventFilterEP7QObjectP6QEvent
_ZN7QDialog11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QDialog11qt_metacastEPKc
_ZN7QDialog11resizeEventEP12QResizeEvent
_ZN7QDialog13keyPressEventEP9QKeyEvent
_ZN7QDialog16contextMenuEventEP17QContextMenuEvent
_ZN7QDialog16staticMetaObjectE
_ZN7QDialog4doneEi
_ZN7QDialog4execEv
_ZN7QDialog4openEv
_ZN7QDialog6acceptEv
_ZN7QDialog6rejectEv
_ZN7QDialog9showEventEP10QShowEvent
_ZN7QDialogC1EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QDialogC2EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QDialogD1Ev
_ZN7QDialogD2Ev
_ZN7QWidget10enterEventEP6QEvent
_ZN7QWidget10leaveEventEP6QEvent
_ZN7QWidget10paintEventEP11QPaintEvent
_ZN7QWidget10setEnabledEb
_ZN7QWidget10setVisibleEb
_ZN7QWidget10wheelEventEP11QWheelEvent
_ZN7QWidget11actionEventEP12QActionEvent
_ZN7QWidget11changeEventEP6QEvent
_ZN7QWidget11nativeEventERK10QByteArrayPvPl
_ZN7QWidget11qt_metacallEN11QMetaObject4CallEiPPv
_ZN7QWidget11qt_metacastEPKc
_ZN7QWidget11resizeEventEP12QResizeEvent
_ZN7QWidget11tabletEventEP12QTabletEvent
_ZN7QWidget12focusInEventEP11QFocusEvent
_ZN7QWidget13dragMoveEventEP14QDragMoveEvent
_ZN7QWidget13focusOutEventEP11QFocusEvent
_ZN7QWidget13keyPressEventEP9QKeyEvent
_ZN7QWidget13setWindowIconERK5QIcon
_ZN7QWidget14dragEnterEventEP15QDragEnterEvent
_ZN7QWidget14dragLeaveEventEP15QDragLeaveEvent
_ZN7QWidget14mouseMoveEventEP11QMouseEvent
_ZN7QWidget14setWindowTitleERK7QString
_ZN7QWidget15keyReleaseEventEP9QKeyEvent
_ZN7QWidget15mousePressEventEP11QMouseEvent
_ZN7QWidget15setMinimumWidthEi
_ZN7QWidget16contextMenuEventEP17QContextMenuEvent
_ZN7QWidget16inputMethodEventEP17QInputMethodEvent
_ZN7QWidget16setMinimumHeightEi
_ZN7QWidget16staticMetaObjectE
_ZN7QWidget17mouseReleaseEventEP11QMouseEvent
_ZN7QWidget18focusNextPrevChildEb
_ZN7QWidget21mouseDoubleClickEventEP11QMouseEvent
_ZN7QWidget5eventEP6QEvent
_ZN7QWidget8setFocusEN2Qt11FocusReasonE
_ZN7QWidget9dropEventEP10QDropEvent
_ZN7QWidget9hideEventEP10QHideEvent
_ZN7QWidget9moveEventEP10QMoveEvent
_ZN7QWidget9showEventEP10QShowEvent
_ZN7QWidgetC2EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN7QWidgetD2Ev
_ZN8QSpinBox8setRangeEii
_ZN8QSpinBox8setValueEi
_ZN8QSpinBoxC1EP7QWidget
_ZN9QCheckBoxC1ERK7QStringP7QWidget
_ZN9QLineEdit11setEchoModeENS_8EchoModeE
_ZN9QLineEdit11setReadOnlyEb
_ZN9QLineEdit12setMaxLengthEi
_ZN9QLineEdit18setPlaceholderTextERK7QString
_ZN9QLineEdit7setTextERK7QString
_ZN9QLineEdit9selectAllEv
_ZN9QLineEditC1EP7QWidget
_ZN9QTreeView15setHeaderHiddenEb
_ZN9QTreeView9expandAllEv
_ZNK11QListWidget5countEv
_ZNK11QTreeWidget11currentItemEv
_ZNK11QTreeWidget17invisibleRootItemEv
_ZNK15QTreeWidgetItem18executePendingSortEv
_ZNK16QDialogButtonBox6buttonENS_14StandardButtonE
_ZNK7QDialog15minimumSizeHintEv
_ZNK7QDialog8sizeHintEv
_ZNK7QWidget10redirectedEP6QPoint
_ZNK7QWidget11initPainterEP8QPainter
_ZNK7QWidget11paintEngineEv
_ZNK7QWidget11windowTitleEv
_ZNK7QWidget13sharedPainterEv
_ZNK7QWidget14heightForWidthEi
_ZNK7QWidget15minimumSizeHintEv
_ZNK7QWidget16inputMethodQueryEN2Qt16InputMethodQueryE
_ZNK7QWidget17hasHeightForWidthEv
_ZNK7QWidget5winIdEv
_ZNK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZNK7QWidget7devTypeEv
_ZNK7QWidget8sizeHintEv
_ZNK8QSpinBox5valueEv
_ZNK9QCheckBox10checkStateEv
_ZNK9QLineEdit4textEv
_ZThn8_NK7QWidget10redirectedEP6QPoint
_ZThn8_NK7QWidget11initPainterEP8QPainter
_ZThn8_NK7QWidget11paintEngineEv
_ZThn8_NK7QWidget13sharedPainterEv
_ZThn8_NK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZThn8_NK7QWidget7devTypeEv
libgcc_s_dw2-1
_Unwind_Resume
__deregister_frame_info
__register_frame_info
kernel32
AttachConsole
CloseHandle
DeleteCriticalSection
EnterCriticalSection
FreeConsole
FreeLibrary
GenerateConsoleCtrlEvent
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalFree
OpenProcess
QueryPerformanceCounter
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
msvcrt
__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
exit
fprintf
free
fwrite
malloc
memcmp
memcpy
memmove
memset
signal
strcmp
strlen
strncmp
vfprintf
shell32
CommandLineToArgvW
libstdc++-6
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdaPv
_ZdlPv
_Znaj
_Znwj
__cxa_begin_catch
__cxa_end_catch
__cxa_rethrow
__gxx_personality_v0
Sections
.text Size: 114KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 220B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.eh_fram Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 1KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE