a1d148726a3e6ebd5e8498f39072df30_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

a1d148726a3e6ebd5e8498f39072df30_NeikiAnalytics.exe
Size

26KB
MD5

a1d148726a3e6ebd5e8498f39072df30
SHA1

58ef71974e98e644ec7d3f30c5fd91d8ff4f5a43
SHA256

2fd21307704bc436c80d6b7c7acf8706daa1d140af39362457dc7008253b7f3f
SHA512

063135c892a6d61649bef900e71bb8a9193d604fbfb71696d1fd9693186dc41cd368b7f9d465ba8ca0de2ad0844420156355df9560697593de7db11fdfb4e206
SSDEEP

768:WymQnK3gRGoZ3nnongmIVcsSN4COlxgQmsy2se:Bv9Go1nHmNPOlv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1d148726a3e6ebd5e8498f39072df30_NeikiAnalytics.exe

Files

a1d148726a3e6ebd5e8498f39072df30_NeikiAnalytics.exe
.dll windows:5 windows x64 arch:x64

e6072752cc26c3064caca85109bed456

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libufun

UF_DISP_refresh
UF_UI_is_listing_window_open
UF_UI_open_listing_window
UF_UI_write_listing_window
UF_OBJ_set_name
UF_VEC3_is_parallel
UF_CSYS_map_point
UF_VEC3_distance_to_plane
UF_MTX3_z_vec
UF_VEC3_is_equal
UF_OBJ_ask_type_and_subtype
UF_OBJ_cycle_objs_in_part
UF_MODL_create_list
UF_VIEW_ask_visible_objects
UF_MODL_put_list_item
UF_free
UF_MODL_delete_list
UF_UNDO_undo_to_last_mark
UF_UNDO_delete_mark
UF_MODL_ask_list_item
UF_MODL_ask_bounding_box_exact
UF_free_string_array
UF_initialize
UF_terminate
UF_PART_ask_display_part
UF_UNDO_set_mark
UF_OBJ_ask_name
UF_get_fail_message
UF_ask_application_module
UF_OBJ_delete_object
UF_CSYS_ask_wcs
UF_CSYS_ask_csys_info
UF_CSYS_ask_matrix_values
UF_MTX3_x_vec
UF_MTX3_y_vec

libugopenint

UF_DISP_get_conehead_attrb
UF_DISP_set_conehead_attrb
UF_DISP_labeled_conehead
UF_UI_set_status
uc1601
UF_UI_set_prompt

libufun_cam

UF_PARAM_ask_tag_value
UF_CAM_is_session_initialized
UF_CAM_init_session
UF_SETUP_ask_setup
UF_SETUP_create
UF_CAM_opt_ask_types
UF_OPER_create
UF_CAM_ask_clear_plane_status
UF_NCGROUP_ask_object_of_name
UF_CAM_set_clear_plane_data
UF_CAM_ask_clear_plane_data
UF_NCGROUP_accept_member
UF_NCGROUP_can_accept_member
UF_SETUP_ask_geom_root
UF_PARAM_set_tag_value
UF_NCGEOM_create
UF_CAM_opt_ask_object
UF_PARAM_generate

libugopenint_cam

UF_UI_ONT_refresh

msvcr100

__C_specific_handler
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
__crt_debugger_hook
strstr
sprintf
memset
??_V@YAXPEAX@Z
__CxxFrameHandler3
??_U@YAPEAX_K@Z
memcpy
??3@YAXPEAX@Z
free
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
_stricmp
__CppXcptFilter

msvcp100

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?endl@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@1@AEAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?ends@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@1@AEAV21@@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Ios_base_dtor@ios_base@std@@CAXPEAV12@@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_BADOFF@std@@3_JB
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

kernel32

RtlLookupFunctionEntry
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
EncodePointer
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer

Exports

Exports

ufusr
ufusr_ask_unload

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6072752cc26c3064caca85109bed456

Headers

DLL Characteristics

File Characteristics

Imports

libufun

libugopenint

libufun_cam

libugopenint_cam

msvcr100

msvcp100

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 672B

.rsrc Size: 1024B - Virtual size: 696B

.reloc Size: 512B - Virtual size: 142B

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 672B

.rsrc
Size: 1024B - Virtual size: 696B

.reloc
Size: 512B - Virtual size: 142B