b887ad9e4665f3304b21f2a543e43d30_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

b887ad9e4665f3304b21f2a543e43d30_NeikiAnalytics
Size

35KB
MD5

b887ad9e4665f3304b21f2a543e43d30
SHA1

b5fbd0582c6de4f41cd5d4ee70d15c7dc5736101
SHA256

56cb96dd4468d00c7089ea0698aa7199ad236c3fcd8de84c5debb85decfa3d79
SHA512

2ab99f86419d1a13ae9b821b465e4ce971e8f85d6f1f5261542db7f15b5bd01e0c409becb9cdaeec92d145950dc61c17c566663a4a7f9dfa3bd1e03647784478
SSDEEP

384:bHnvsacIKdEms7phAR2shWWkjjFLLLkRAVLwU1GasCbXoFQUfxcbFDEO+kL8HUTy:jnvxg7uysMWWk97dFswzo/fjO+kLi2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b887ad9e4665f3304b21f2a543e43d30_NeikiAnalytics

Files

b887ad9e4665f3304b21f2a543e43d30_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

cea99181e9ab47d6ebe2eca522dba827

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\runner\builds\gstreamer\cerbero\cerbero-build\sources\msvc_x86_64\gstreamer-1.0\subprojects\gst-plugins-bad\_builddir\gst\midi\gstmidi.pdb

Imports

gstbase-1.0-0

gst_adapter_push
gst_adapter_clear
gst_adapter_take
gst_adapter_available
gst_adapter_new

gstreamer-1.0-0

gst_element_class_set_static_metadata
gst_element_get_type
gst_element_add_pad
gst_element_post_message
_gst_element_error_printf
gst_element_message_full
gst_make_element_message_details
gst_stream_error_quark
_gst_debug_category_new
gst_util_uint64_scale
gst_util_seqnum_next
gst_util_group_id_next
gst_pad_use_fixed_caps
gst_pad_create_stream_id
gst_element_class_add_static_pad_template
gst_element_register
gst_pad_query_default
gst_pad_set_query_function_full
gst_pad_peer_query
gst_pad_stop_task
gst_pad_pause_task
gst_pad_start_task
gst_pad_send_event
gst_pad_event_default
gst_pad_push_event
gst_pad_pull_range
gst_pad_push
gst_pad_get_pad_template_caps
gst_pad_set_event_function_full
gst_pad_set_chain_function_full
gst_pad_set_activatemode_function_full
gst_pad_set_activate_function_full
gst_pad_get_sticky_event
gst_pad_activate_mode
gst_pad_new_from_static_template
gst_pad_get_type
gst_flow_get_name
gst_event_parse_seek
gst_element_message_full_with_details
gst_plugin_register_static
gst_debug_log
gst_event_new_segment
gst_event_new_caps
gst_event_new_eos
gst_event_new_flush_stop
gst_event_new_flush_start
gst_event_parse_group_id
gst_event_set_group_id
gst_event_new_stream_start
gst_event_set_seqnum
gst_event_get_seqnum
gst_event_type_get_name
gst_message_new_segment_start
gst_message_set_seqnum
gst_query_has_scheduling_mode_with_flags
gst_query_new_scheduling
gst_query_set_formats
gst_query_set_seeking
gst_query_set_segment
gst_query_set_duration
gst_query_set_position
gst_segment_do_seek
gst_segment_to_stream_time
gst_segment_init
gst_format_get_name
gst_buffer_unmap
gst_buffer_map
gst_buffer_get_size
gst_buffer_new_allocate
gst_caps_is_fixed
gst_mini_object_unref
_gst_debug_min
GST_CAT_DEFAULT

gobject-2.0-0

g_type_class_peek_parent
g_type_register_static_simple
g_type_class_adjust_private_offset
g_type_check_instance_is_a
g_object_unref
g_type_name

glib-2.0-0

g_intern_static_string
g_mutex_lock
g_mutex_unlock
g_rec_mutex_lock
g_rec_mutex_unlock
g_strndup
g_return_if_fail_warning
g_log
g_list_foreach
g_list_append
g_list_free
g_malloc_n
g_free
g_once_init_leave
g_once_init_enter

intl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain

vcruntime140

__current_exception
__std_type_info_destroy_list
__C_specific_handler
memcpy
__current_exception_context
memset

api-ms-win-crt-runtime-l1-1-0

_crt_at_quick_exit
_crt_atexit
terminate
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_execute_onexit_table

kernel32

GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
GetSystemTimeAsFileTime
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DisableThreadLibraryCalls

Exports

Exports

gst_plugin_midi_get_desc
gst_plugin_midi_register

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cea99181e9ab47d6ebe2eca522dba827

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gstbase-1.0-0

gstreamer-1.0-0

gobject-2.0-0

glib-2.0-0

intl-8

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 488B

.pdata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 80B

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 488B

.pdata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 80B