54d377a20e8b452a19b0c2e0863af450_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

54d377a20e8b452a19b0c2e0863af450_NeikiAnalytics
Size

15KB
MD5

54d377a20e8b452a19b0c2e0863af450
SHA1

979c4005cf0eb43bed46975184cc710e91d30363
SHA256

eccb61ccaed854b180895041cebd65c8c0d731655c5ef5b727c70167dfc64414
SHA512

75ee019935217e89c65ff4ba54b3537d59114e97a5628f0f8dd8adcba84ef242d6edd97f30b16fc9f5ffb9aa3f563d2750ef583ffb27f3795e014ba78b68c3af
SSDEEP

192:5X1HL1MIr7mVPftc8MlT+V5wPIo+V4krY8cqEX:5lpMW7QPBC+E3+KQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54d377a20e8b452a19b0c2e0863af450_NeikiAnalytics

Files

54d377a20e8b452a19b0c2e0863af450_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

aed64f9165b107a84892fe99408e5e09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kvirc.exe

?process@KviKvsParameterProcessor@@YA_NPEAVKviKvsVariantList@@PEAVKviKvsRunTimeContext@@PEAVParameterFormat@1@@Z
?g_pApp@@3PEAVKviApplication@@EA
?nextSelectedNickname@KviUserListView@@QEAAPEAVQString@@XZ
?firstSelectedNickname@KviUserListView@@QEAAPEAVQString@@XZ
?ensureVisible@KviUserListView@@QEAAXAEBVQString@@@Z
?select@KviUserListView@@QEAAXAEBVQString@@@Z
?kvsRegisterFunction@KviKvsModuleInterface@@QEAAXAEBVQString@@P6A_NPEAVKviKvsModuleFunctionCall@@@Z@Z
?kvsRegisterSimpleCommand@KviKvsModuleInterface@@QEAAXAEBVQString@@P6A_NPEAVKviKvsModuleCommandCall@@@Z@Z
?hasSwitch@KviKvsModuleCommandCall@@QEAA_NGAEBVQString@@@Z
?findWindow@KviApplication@@QEAAPEAVKviWindow@@AEBVQString@@@Z
?warning@KviKvsRunTimeCall@@QEAAXVQString@@ZZ
?count@KviKvsVariantList@@QEAAIXZ
?set@KviKvsArray@@QEAAX_KPEAVKviKvsVariant@@@Z
??0KviKvsArray@@QEAA@XZ
?setNothing@KviKvsVariant@@QEAAXXZ
?setArray@KviKvsVariant@@QEAAXPEAVKviKvsArray@@@Z
??0KviKvsVariant@@QEAA@AEBVQString@@_N@Z

kvilib

??3KviHeapObject@@SAXPEAX@Z
?translateToQString@KviMessageCatalogue@@QEAAAEBVQString@@PEBD@Z
?instance@KviLocale@@SAPEAV1@XZ
?translateToQString@KviLocale@@QEAAAEBVQString@@PEBD0@Z
?g_pMainCatalogue@@3PEAVKviMessageCatalogue@@EA
??2KviHeapObject@@SAPEAX_K@Z

qt6core

??1QByteArray@@QEAA@XZ
?data@QByteArray@@QEAAPEADXZ
??0QString@@QEAA@XZ
??0QString@@QEAA@AEBV0@@Z
??1QString@@QEAA@XZ
?toUtf8@QString@@QEGBA?AVQByteArray@@XZ
??0QString@@QEAA@PEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
memset
__C_specific_handler
memcpy

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_cexit
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment
_execute_onexit_table

kernel32

RtlVirtualUnwind
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlCaptureContext

Exports

Exports

KVIrc_module_info

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed64f9165b107a84892fe99408e5e09

Headers

DLL Characteristics

File Characteristics

Imports

kvirc.exe

kvilib

qt6core

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 504B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 68B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 504B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 68B