ddf0949a38fbb358ca3626c4da279f00_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ddf0949a38fbb358ca3626c4da279f00_NeikiAnalytics.exe
Size

280KB
MD5

ddf0949a38fbb358ca3626c4da279f00
SHA1

5e52471ee7a1a9d9aa9d807bede99a73fb3c3405
SHA256

003edcd404d1c3e7703883d7b80661356c811cdd1f2dc8d0a40e72b23ba842c6
SHA512

1b3c5760270a6cee797a68ff2ea89b83ba24ab152794031485415746b57b9ccc3ade1ce8782efb3627d55fcb5686ac774500d4384f61cc446252906b7979a9ac
SSDEEP

6144:c4lgoMZ2/Jo/ifV9aIaOrkse1gEwUMVXp:lIo/tfVlTe6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddf0949a38fbb358ca3626c4da279f00_NeikiAnalytics.exe

Files

ddf0949a38fbb358ca3626c4da279f00_NeikiAnalytics.exe
.dll windows:4 windows x64 arch:x64

2747e2a4b0b4e0eb0bb7fafc82d92b45

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Jenkins\jobs\classin_ffmpeg-master-windows\workspace\out_64\bin\avdevice-58.pdb

Imports

advapi32

RegCloseKey
RegDeleteValueA
RegOpenKeyExA

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

gdi32

BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBSection
CreateRectRgn
DeleteDC
DeleteObject
GetCurrentObject
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetObjectA
GetStockObject
SelectObject
StretchDIBits

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount64
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseMutex
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_beginthreadex
_close
_endthreadex
_errno
_initterm
_lock
_read
_setjmp
_strdup
_ultoa
_unlock
_wcsdup
abort
atoi
calloc
exit
fprintf
fputc
fputs
free
fwrite
_write
localeconv
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
realloc
signal
strcmp
strerror
strlen
strncmp
strtok
vfprintf
wcscmp
wcscpy
wcslen

ole32

CoCreateInstance
CoGetMalloc
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx
OleLoadFromStream
OleSaveToStream

oleaut32

OleCreatePropertyFrame

shlwapi

SHCreateStreamOnFileA

user32

AdjustWindowRectEx
BeginPaint
CopyIcon
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyWindow
DispatchMessageA
DrawIcon
DrawIconEx
EndPaint
EnumDisplayMonitors
FindWindowA
FrameRect
GetClientRect
GetCursorInfo
GetDC
GetIconInfo
GetMonitorInfoA
GetSystemMetrics
GetWindowLongPtrA
GetWindowRect
LoadCursorA
MonitorFromPoint
PeekMessageA
ReleaseDC
SendMessageA
SetWindowLongPtrA
SetWindowRgn
ShowWindow

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

avcodec-58

av_new_packet
av_packet_unref
avcodec_find_decoder
avpriv_find_pix_fmt
avpriv_get_raw_pix_fmt_tags

avformat-58

av_codec_get_id
av_find_input_format
av_iformat_next
av_oformat_next
avformat_alloc_context
avformat_alloc_output_context2
avformat_free_context
avformat_get_riff_video_tags
avformat_new_stream
avpriv_register_devices
avpriv_set_pts_info

avutil-56

av_default_item_name
av_dict_copy
av_dict_free
av_free
av_freep
av_get_pix_fmt_name
av_gettime
av_log
av_malloc
av_mallocz
av_opt_set_defaults
av_opt_set_dict
av_opt_set_dict2
av_parse_video_rate
av_parse_video_size
av_strdup
av_usleep
avpriv_report_missing_feature

Exports

Exports

av_device_capabilities
av_device_ffversion
av_input_audio_device_next
av_input_video_device_next
av_output_audio_device_next
av_output_video_device_next
avdevice_app_to_dev_control_message
avdevice_capabilities_create
avdevice_capabilities_free
avdevice_configuration
avdevice_dev_to_app_control_message
avdevice_free_list_devices
avdevice_license
avdevice_list_devices
avdevice_list_input_sources
avdevice_list_output_sinks
avdevice_register_all
avdevice_version

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 140B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2747e2a4b0b4e0eb0bb7fafc82d92b45

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

d3d11

dxgi

gdi32

kernel32

msvcrt

ole32

oleaut32

shlwapi

user32

avicap32

avcodec-58

avformat-58

avutil-56

Exports

Exports

Sections

.text Size: 178KB - Virtual size: 178KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 62KB - Virtual size: 61KB

.pdata Size: 12KB - Virtual size: 12KB

.xdata Size: 12KB - Virtual size: 11KB

.bss Size: - Virtual size: 2KB

.edata Size: 1024B - Virtual size: 700B

.idata Size: 8KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.debug Size: 140B - Virtual size: 512B

.text
Size: 178KB - Virtual size: 178KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 62KB - Virtual size: 61KB

.pdata
Size: 12KB - Virtual size: 12KB

.xdata
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 1024B - Virtual size: 700B

.idata
Size: 8KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB

.debug
Size: 140B - Virtual size: 512B