362fcb307e837ba517c5b4b588612730_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

362fcb307e837ba517c5b4b588612730_NeikiAnalytics.exe
Size

55KB
MD5

362fcb307e837ba517c5b4b588612730
SHA1

ec890513036ba003a0c73bb4e0f66b48ef5e1277
SHA256

618e3047a200cb38d3a33827dec79fa75f0d7ad64acde99efb6440ff33b25c07
SHA512

0087f4f29b51ae22bd87d416fe3a044c9261910386dc81290fdebceb39880703944c564f3a52cbf5494a4798b73459586efd65b0c80d770c9beb41b123df75b4
SSDEEP

768:avE3rooK8ybng28MXhdffPT//iYniFwmUPeYPzCg2VSOF+OG+wxYLOlNSUV5E:ac3MRX7nrQFLUGMzCgYOlNb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
362fcb307e837ba517c5b4b588612730_NeikiAnalytics.exe

Files

362fcb307e837ba517c5b4b588612730_NeikiAnalytics.exe
.dll windows:5 windows x64 arch:x64

be13e423ca4a739cf1aa173cab6cae87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

imgproc

?Duplicate@CImageFormat@@QEAAPEAV1@XZ
??1CImageFormat@@QEAA@XZ
?Create@CImageFormat@@SAPEAV1@W4UCI_VIDEO_FORMAT@@KHHH@Z
?GetImage@CImageFormat@@QEAAPEAXH@Z
?convertToByte@CImageProcessor@@QEAAPEAV1@H@Z
?Create@CImageFormat@@SAPEAV1@W4UCI_VIDEO_FORMAT@@KPEAPEAVCImageProcessor@@HH@Z
?convertToWord@CImageProcessor@@QEAAPEAV1@H@Z
?getSize@CImageProcessor@@QEAAHXZ
?GetBandHorOffset@CImageFormat@@SAHW4UCI_VIDEO_FORMAT@@KH@Z
?GetBandSize@CImageFormat@@QEBAHXZ
?GetThisClass@CByteProcessor@@SAPEAUCRuntimeClass@@XZ
?GetThisClass@CWordProcessor@@SAPEAUCRuntimeClass@@XZ
?setRoi@CImageProcessor@@QEAAXAEAVCRect@@@Z
?resetRoi@CImageProcessor@@QEAAXXZ
??XCImageProcessor@@QEAAXN@Z

mfc90

ord6348
ord5701
ord2065
ord2110
ord4429
ord6407
ord3892
ord6409
ord4112
ord4136
ord5499
ord3923
ord1966
ord3002
ord5344
ord5346
ord2303
ord4041
ord4677
ord5350
ord5333
ord5684
ord2602
ord1023
ord2904
ord4410
ord2780
ord2907
ord2605
ord2711
ord2598
ord3809
ord3810
ord3800
ord2709
ord4042
ord4586
ord4363
ord3418
ord4045
ord1060
ord320
ord3921
ord771
ord577
ord3774
ord266
ord265
ord2797
ord5220
ord592
ord1239
ord1963
ord1205
ord1203
ord1229
ord1146
ord1195
ord379
ord1118
ord1238
ord1236
ord1111
ord1052
ord1103
ord321
ord779
ord778
ord3897

msvcr90

memcpy
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__C_specific_handler
??2@YAPEAX_K@Z
__CxxFrameHandler3
memset

kernel32

RtlVirtualUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
LocalFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
LocalAlloc

Exports

Exports

ConvertImageFormat
DocBayer_Demosaicing
OrcWB_ApplyBayer
OrcWB_ApplyBayerPlane
OrcWB_SetRoiSize
isBayer_Bilinear

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be13e423ca4a739cf1aa173cab6cae87

Headers

DLL Characteristics

File Characteristics

Imports

imgproc

mfc90

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 136KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 864B

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 136KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 864B