32550d971ce65baeaae02d90151613e0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

32550d971ce65baeaae02d90151613e0_NeikiAnalytics.exe
Size

1.6MB
MD5

32550d971ce65baeaae02d90151613e0
SHA1

cf61397efb732214cef53385693953a4d9c9a49f
SHA256

e97985d84aeeecf023726630fc601404a932ff5436c576ea3dc3ee9201027891
SHA512

b0d34ab98606b1d015b357909eb46972cfd6cf26e6d1f513d4e7a0d7c1f16c7ac4e7c3e9e4a20b7ce774b8f342f00501477cb6925250e54945946038ba0522ec
SSDEEP

24576:XsfqHGbKqMWkFVewkGaVzu44rLay+9Y7YZSuDkBp6+33tZ+yvG5RsojHGx0e:XfHGbpAFVewkGv4YjO6vvEv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32550d971ce65baeaae02d90151613e0_NeikiAnalytics.exe

Files

32550d971ce65baeaae02d90151613e0_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

36b9ce5f2314685b2786c563e5044237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Devel\PluginsSlimSlow05\c3multibandcomp_1_2_10\x64\Release\n-Track Multiband Compressor.pdb

Imports

kernel32

LoadLibraryA
LockResource
GlobalAlloc
GlobalFree
LoadResource
GetProcAddress
GlobalLock
DeleteCriticalSection
FreeLibrary
WideCharToMultiByte
GlobalUnlock
GetModuleFileNameA
GetFileAttributesExA
GetModuleHandleW
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
GetTickCount64
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetCPInfo
GetStringTypeW
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
GetCurrentThreadId
LCMapStringEx
GetLocaleInfoEx
LocalFree
DecodePointer
EncodePointer
InitializeCriticalSectionEx
FormatMessageA
RaiseException
GlobalSize
FindClose
FindResourceA
InitializeCriticalSection
LeaveCriticalSection
FindNextFileW
EnterCriticalSection
FindFirstFileW
SizeofResource
GetTickCount
RtlLookupFunctionEntry
Sleep
RtlPcToFileHeader
CompareStringEx

user32

TrackPopupMenu
RegisterClassExW
GetWindowLongPtrW
SetClassLongPtrW
CreatePopupMenu
SetWindowTextW
UnregisterClassW
CallNextHookEx
SendMessageW
ScreenToClient
CreateWindowExW
SetWindowLongPtrW
GetDC
DestroyWindow
GetFocus
MonitorFromPoint
MapVirtualKeyW
CallWindowProcW
GetUpdateRgn
DefWindowProcW
GetWindowTextLengthW
GetWindowLongW
MessageBoxA
DestroyMenu
ShowWindow
SetFocus
GetUpdateRect
LoadCursorW
SetCapture
SetWindowsHookExW
wsprintfW
GetClientRect
AppendMenuW
KillTimer
ReleaseCapture
InvalidateRect
IsWindow
GetAsyncKeyState
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
EnableWindow
GetWindowTextW
GetWindowRect
SetWindowPos
GetSystemMetrics
DispatchMessageW
PeekMessageW
GetClassNameW
GetParent
SetMenuItemInfoW
SetTimer
ClientToScreen
GetWindowInfo
RegisterClassW
MapWindowPoints
SetMenuInfo
SetLayeredWindowAttributes
TrackMouseEvent
UnhookWindowsHookEx

gdi32

CreateSolidBrush
DeleteObject
SetBkColor
SwapBuffers
ChoosePixelFormat
SetTextColor
CreateRectRgn
CreateDIBSection
GetRegionData
SetPixelFormat
CreateFontIndirectW

shell32

DragQueryFileW

ole32

CoInitialize
RevokeDragDrop
OleGetClipboard
RegisterDragDrop
CreateStreamOnHGlobal
OleSetClipboard
DoDragDrop
CoCreateInstance
GetHGlobalFromStream
OleInitialize
OleUninitialize

dwmapi

DwmExtendFrameIntoClientArea

shlwapi

SHCreateStreamOnFileEx
ord12

opengl32

wglCreateContext
wglGetCurrentContext
wglDeleteContext
wglMakeCurrent

d2d1

ord1

dwrite

DWriteCreateFactory

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__RTDynamicCast
__uncaught_exception
memmove
__std_terminate
__std_exception_destroy
__std_exception_copy
_purecall
wcschr
__C_specific_handler
__current_exception
__current_exception_context
memset
_CxxThrowException
__std_type_info_destroy_list
__AdjustPointer
memcpy
memchr
memcmp

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free
_callnewh
realloc

api-ms-win-crt-convert-l1-1-0

strtod
strtol
strtof

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
_fseeki64
fread
clearerr
_ftelli64
fclose
ferror
fopen
__stdio_common_vsprintf_s

api-ms-win-crt-string-l1-1-0

islower
strncpy_s
strncat
tolower
_wcsicmp
isspace
wcsnlen
isupper
_stricmp
__strncnt
strcspn
toupper
strncpy
_wcsdup

api-ms-win-crt-locale-l1-1-0

___mb_cur_max_func
__pctype_func
___lc_collate_cp_func
localeconv
_unlock_locales
___lc_codepage_func
___lc_locale_name_func
setlocale
_lock_locales

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
terminate
_initterm
_initterm_e
abort
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-math-l1-1-0

frexp
ldexp
round
tan
sinf
sin
roundf
log10
powf
pow
fmod
cosf
atan2
log10f
tanf

api-ms-win-crt-time-l1-1-0

_W_Getmonths
_Strftime
_Gettnames
_Wcsftime
_W_Gettnames
_Getmonths
_W_Getdays
_Getdays

Exports

Exports

MAIN
VSTPluginMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36b9ce5f2314685b2786c563e5044237

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

dwmapi

shlwapi

opengl32

d2d1

dwrite

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 327KB - Virtual size: 326KB

.data Size: 23KB - Virtual size: 27KB

.pdata Size: 73KB - Virtual size: 72KB

_RDATA Size: 77KB - Virtual size: 76KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 327KB - Virtual size: 326KB

.data
Size: 23KB - Virtual size: 27KB

.pdata
Size: 73KB - Virtual size: 72KB

_RDATA
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 17KB - Virtual size: 17KB