27df05d2a7591110bc2e78a4ae14ca80_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

27df05d2a7591110bc2e78a4ae14ca80_NeikiAnalytics.exe
Size

180KB
MD5

27df05d2a7591110bc2e78a4ae14ca80
SHA1

96dc2a7e54a37d5ff4f52fb91a02f5accceff2ba
SHA256

ea1133e3edf2650c709fb2b3588a0a162e6d846975966ceb55a0417415c93585
SHA512

3f916d9f5103291528955d69dd96436e458dfbb1b81e900433a0a6dc8d019b53ce7c0a851d5d69395b40b8b0972ff290be256e7189caa125ffc2fb155630c5b7
SSDEEP

3072:KyfiHQzLwtbC6bOjoeDs6mmn+6ed5vPxVpj3BtBxNSeWsqFayMQCDl0:dfiHQzLwtbC6bOjoeDRed5vJVJBtBxNY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27df05d2a7591110bc2e78a4ae14ca80_NeikiAnalytics.exe

Files

27df05d2a7591110bc2e78a4ae14ca80_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

7e6af22c0a136c5001d6c230f3ced0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qtgui4

?qt_metacall@QLabel@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?event@QLabel@@MAE_NPAVQEvent@@@Z
?sizeHint@QLabel@@UBE?AVQSize@@XZ
?minimumSizeHint@QLabel@@UBE?AVQSize@@XZ
?heightForWidth@QLabel@@UBEHH@Z
?mousePressEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mouseReleaseEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?keyPressEvent@QLabel@@MAEXPAVQKeyEvent@@@Z
?focusInEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?focusOutEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?paintEvent@QLabel@@MAEXPAVQPaintEvent@@@Z
?contextMenuEvent@QLabel@@MAEXPAVQContextMenuEvent@@@Z
?changeEvent@QLabel@@MAEXPAVQEvent@@@Z
?focusNextPrevChild@QLabel@@MAE_N_N@Z
??1QVBoxLayout@@UAE@XZ
?releaseDC@QWidget@@UBEXPAUHDC__@@@Z
?move@QWidget@@QAEXABVQPoint@@@Z
?start@QMovie@@QAEXXZ
?setMovie@QLabel@@QAEXPAVQMovie@@@Z
??0QMovie@@QAE@ABVQString@@ABVQByteArray@@PAVQObject@@@Z
??1QPixmap@@UAE@XZ
?size@QPixmap@@QBE?AVQSize@@XZ
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?setAttribute@QWidget@@QAEXW4WidgetAttribute@Qt@@_N@Z
??0QFrame@@QAE@PAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
?metaObject@QMovie@@UBEPBUQMetaObject@@XZ
?qt_metacast@QMovie@@UAEPAXPBD@Z
?qt_metacall@QMovie@@UAEHW4Call@QMetaObject@@HPAPAX@Z
??1QMovie@@UAE@XZ
?qt_metacast@QFrame@@UAEPAXPBD@Z
?qt_metacall@QFrame@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?staticMetaObject@QFrame@@2UQMetaObject@@B
?metaObject@QLabel@@UBEPBUQMetaObject@@XZ
?spacerItem@QLayoutItem@@UAEPAVQSpacerItem@@XZ
?layout@QLayout@@UAEPAV1@XZ
?widget@QLayoutItem@@UAEPAVQWidget@@XZ
?invalidate@QBoxLayout@@UAEXXZ
?minimumHeightForWidth@QBoxLayout@@UBEHH@Z
?heightForWidth@QBoxLayout@@UBEHH@Z
?metric@QWidget@@MBEHW4PaintDeviceMetric@QPaintDevice@@@Z
?hasHeightForWidth@QBoxLayout@@UBE_NXZ
?isEmpty@QLayout@@UBE_NXZ
?geometry@QLayout@@UBE?AVQRect@@XZ
?setGeometry@QBoxLayout@@UAEXABVQRect@@@Z
?expandingDirections@QBoxLayout@@UBE?AV?$QFlags@W4Orientation@Qt@@@@XZ
?maximumSize@QBoxLayout@@UBE?AVQSize@@XZ
?minimumSize@QBoxLayout@@UBE?AVQSize@@XZ
?sizeHint@QBoxLayout@@UBE?AVQSize@@XZ
?count@QBoxLayout@@UBEHXZ
?indexOf@QLayout@@UBEHPAVQWidget@@@Z
?takeAt@QBoxLayout@@UAEPAVQLayoutItem@@H@Z
?itemAt@QBoxLayout@@UBEPAVQLayoutItem@@H@Z
?addItem@QBoxLayout@@UAEXPAVQLayoutItem@@@Z
?childEvent@QLayout@@MAEXPAVQChildEvent@@@Z
?qt_metacall@QVBoxLayout@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QVBoxLayout@@UAEPAXPBD@Z
?metaObject@QVBoxLayout@@UBEPBUQMetaObject@@XZ
?getDC@QWidget@@UBEPAUHDC__@@XZ
?paintEngine@QWidget@@UBEPAVQPaintEngine@@XZ
?devType@QWidget@@UBEHXZ
?languageChange@QWidget@@MAEXXZ
?windowActivationChange@QWidget@@MAEX_N@Z
?fontChange@QWidget@@MAEXABVQFont@@@Z
?paletteChange@QWidget@@MAEXABVQPalette@@@Z
?enabledChange@QWidget@@MAEX_N@Z
?styleChange@QWidget@@MAEXAAVQStyle@@@Z
?focusNextPrevChild@QWidget@@MAE_N_N@Z
?inputMethodQuery@QWidget@@UBE?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?inputMethodEvent@QWidget@@MAEXPAVQInputMethodEvent@@@Z
?changeEvent@QFrame@@MAEXPAVQEvent@@@Z
?winEvent@QWidget@@MAE_NPAUtagMSG@@PAJ@Z
?hideEvent@QWidget@@MAEXPAVQHideEvent@@@Z
?showEvent@QWidget@@MAEXPAVQShowEvent@@@Z
?dropEvent@QWidget@@MAEXPAVQDropEvent@@@Z
?dragLeaveEvent@QWidget@@MAEXPAVQDragLeaveEvent@@@Z
?dragMoveEvent@QWidget@@MAEXPAVQDragMoveEvent@@@Z
?dragEnterEvent@QWidget@@MAEXPAVQDragEnterEvent@@@Z
?actionEvent@QWidget@@MAEXPAVQActionEvent@@@Z
?tabletEvent@QWidget@@MAEXPAVQTabletEvent@@@Z
?contextMenuEvent@QWidget@@MAEXPAVQContextMenuEvent@@@Z
?closeEvent@QWidget@@MAEXPAVQCloseEvent@@@Z
?resizeEvent@QWidget@@MAEXPAVQResizeEvent@@@Z
?moveEvent@QWidget@@MAEXPAVQMoveEvent@@@Z
?paintEvent@QFrame@@MAEXPAVQPaintEvent@@@Z
?leaveEvent@QWidget@@MAEXPAVQEvent@@@Z
?enterEvent@QWidget@@MAEXPAVQEvent@@@Z
?focusOutEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?focusInEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?keyReleaseEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?wheelEvent@QWidget@@MAEXPAVQWheelEvent@@@Z
?mouseMoveEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mouseReleaseEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?heightForWidth@QWidget@@UBEHH@Z
?minimumSizeHint@QWidget@@UBE?AVQSize@@XZ
?sizeHint@QFrame@@UBE?AVQSize@@XZ
?setVisible@QWidget@@UAEX_N@Z
?event@QFrame@@MAE_NPAVQEvent@@@Z
??1QFrame@@UAE@XZ
?setWindowTitle@QWidget@@QAEXABVQString@@@Z
??0QApplication@@QAE@AAHPAPADH@Z
?show@QWidget@@QAEXXZ
?resize@QWidget@@QAEXABVQSize@@@Z
??0QVBoxLayout@@QAE@PAVQWidget@@@Z
?setSpacing@QBoxLayout@@QAEXH@Z
?setContentsMargins@QLayout@@QAEXHHHH@Z
??0QLabel@@QAE@PAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
?setScaledContents@QLabel@@QAEX_N@Z
?setAlignment@QLabel@@QAEXV?$QFlags@W4AlignmentFlag@Qt@@@@@Z
?addWidget@QBoxLayout@@QAEXPAVQWidget@@HV?$QFlags@W4AlignmentFlag@Qt@@@@@Z
?qt_metacast@QLabel@@UAEPAXPBD@Z
?exec@QApplication@@SAHXZ
??1QLabel@@UAE@XZ
??1QApplication@@UAE@XZ

qtcore4

?fromUtf8@QString@@SA?AV1@PBDH@Z
?toLocal8Bit@QString@@QBE?AVQByteArray@@XZ
?detach@QByteArray@@QAEXXZ
?qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV?$QVector@PAD@@@Z
?reallocate@QVectorData@@SAPAU1@PAU1@HHH@Z
?qMemSet@@YAPAXPAXHI@Z
?allocate@QVectorData@@SAPAU1@HH@Z
?qBadAlloc@@YAXXZ
?free@QVectorData@@SAXPAU1@H@Z
?shared_null@QByteArray@@0UData@1@A
?qFree@@YAXPAX@Z
?singleShot@QTimer@@SAXHPAVQObject@@PBD@Z
??1QByteArray@@QAE@XZ
?event@QObject@@UAE_NPAVQEvent@@@Z
?objectName@QObject@@QBE?AVQString@@XZ
?setObjectName@QObject@@QAEXABVQString@@@Z
?connectSlotsByName@QMetaObject@@SAXPAVQObject@@@Z
?disconnectNotify@QObject@@MAEXPBD@Z
?connectNotify@QObject@@MAEXPBD@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?exit@QCoreApplication@@SAXH@Z
?translate@QCoreApplication@@SA?AVQString@@PBD00W4Encoding@1@@Z
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
?toInt@QString@@QBEHPA_NH@Z
?free@QString@@CAXPAUData@1@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
?exists@QFileInfo@@QBE_NXZ
??1QFileInfo@@QAE@XZ
??1QString@@QAE@XZ
?fromWCharArray@QString@@SA?AV1@PBGH@Z

msvcr90

memcpy
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler3
_CxxThrowException

kernel32

GetCommandLineW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7e6af22c0a136c5001d6c230f3ced0c1

Headers

DLL Characteristics

File Characteristics

Imports

qtgui4

qtcore4

msvcr90

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 960B

.text Size: 160KB - Virtual size: 160KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 960B

.text
Size: 160KB - Virtual size: 160KB