5276373ea1c77ce2db6ec1cd692b6fd0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5276373ea1c77ce2db6ec1cd692b6fd0_NeikiAnalytics.exe
Size

2.1MB
MD5

5276373ea1c77ce2db6ec1cd692b6fd0
SHA1

25a02c8dc4967893126494d90cd44ac25744152c
SHA256

da269c345f21ec468d2b9a9ae90755b8994ef37c14d42a38975b74c6c45a937e
SHA512

0fd3bfa091516ed7107cf38eab9ebd2f6b85a3022afc35cd78cfaa81a45363bcc448f3b809b79908a34f7abff235eb2e9f364639f26833c014f6a8b1e0f2dc8a
SSDEEP

24576:aC2ajHkh/yDtmX149ukVUIiIL+tZI7ppG4bgU9nRVtbVDTcBPtan:HHMgtjGIXL+tZI7plfY+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5276373ea1c77ce2db6ec1cd692b6fd0_NeikiAnalytics.exe

Files

5276373ea1c77ce2db6ec1cd692b6fd0_NeikiAnalytics.exe
.dll windows:4 windows x64 arch:x64

e3205e06794c6c7743b3983bbc438a94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libvlccore

aout_ChannelReorder
aout_CheckChannelReorder
demux_vaControlHelper
es_format_Clean
es_format_Init
var_Inherit
vlc_ancillary_CreateWithFreeCb
vlc_clone
vlc_closedir
vlc_cond_init
vlc_cond_signal
vlc_cond_wait
vlc_fourcc_GetCodecAudio
vlc_frame_Alloc
vlc_frame_AttachAncillary
vlc_frame_CopyProperties
vlc_frame_Realloc
vlc_frame_Release
vlc_input_attachment_Hold
vlc_input_attachment_New
vlc_input_attachment_Release
vlc_join
vlc_meta_Delete
vlc_meta_Merge
vlc_meta_New
vlc_meta_Set
vlc_meta_SetExtra
vlc_mutex_init
vlc_mutex_lock
vlc_mutex_unlock
vlc_object_Log
vlc_object_vaLog
vlc_opendir
vlc_path2uri
vlc_readdir
vlc_restorecancel
vlc_savecancel
vlc_stream_Delete
vlc_stream_MemoryNew
vlc_stream_NewURL
vlc_stream_Peek
vlc_stream_Read
vlc_stream_Seek
vlc_stream_Tell
vlc_stream_vaControl
vlc_thread_set_name
vlc_ureduce

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_amsg_exit
_assert
_atoi64
_beginthreadex
_endthreadex
_errno
_exit
_filelengthi64
_fileno
_fstat64
_gmtime64
_initterm
_lock
_lseeki64
_setjmp
_stricmp
_strnicmp
_ultoa
_unlock
_wassert
_wfopen
abort
calloc
exit
fclose
fflush
fgetpos
fopen
fprintf
fputc
fputs
fread
free
fseek
fsetpos
ftell
fwrite
getc
getwc
islower
isspace
isupper
iswctype
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putc
putwc
realloc
setlocale
setvbuf
signal
strcat
strchr
strcmp
strcoll
strcspn
strerror
strftime
strlen
strncmp
strstr
strtol
strtoul
strxfrm
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm
longjmp
_write
_strdup
_read
_open
_fileno
_fdopen
_close

Exports

Exports

vlc_entry
vlc_entry_api_version
vlc_entry_copyright
vlc_entry_license

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3205e06794c6c7743b3983bbc438a94

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

advapi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.data Size: 12KB - Virtual size: 11KB

.rdata Size: 230KB - Virtual size: 230KB

.pdata Size: 138KB - Virtual size: 138KB

.xdata Size: 167KB - Virtual size: 167KB

.bss Size: - Virtual size: 40KB

.edata Size: 512B - Virtual size: 168B

.idata Size: 7KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 21KB - Virtual size: 20KB

/4 Size: 512B - Virtual size: 28B

.text
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 12KB - Virtual size: 11KB

.rdata
Size: 230KB - Virtual size: 230KB

.pdata
Size: 138KB - Virtual size: 138KB

.xdata
Size: 167KB - Virtual size: 167KB

.bss
Size: - Virtual size: 40KB

.edata
Size: 512B - Virtual size: 168B

.idata
Size: 7KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 21KB - Virtual size: 20KB

/4
Size: 512B - Virtual size: 28B