0bed5497632acba66e67b42316200300_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

0bed5497632acba66e67b42316200300_NeikiAnalytics.exe
Size

157KB
MD5

0bed5497632acba66e67b42316200300
SHA1

7c5d8722b04cb41ab5a68fc7264d98a7ad96aa78
SHA256

ecc4e9a8b28e9c19060d820f2b4c0f15296eab86279254d4861bc165f4fceb96
SHA512

6c4eaeeabd5f52734549e90f35231cb32afdcf62206b305ed28d1bb781a4cc563007041b0472cbfdcbcd83388ec346804cbd9312e06374ff44503682a48c2126
SSDEEP

3072:ulX7FsmezdYspYUrST2rfNTGEIXIten/YgP0CY1xfSF:ulaJt1ST2jtG5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bed5497632acba66e67b42316200300_NeikiAnalytics.exe

Files

0bed5497632acba66e67b42316200300_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

20ed1fb86cd1aae087168d22f8f583fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Imports

libvlccore

config_ChainParse
var_GetChecked
var_Inherit
vlc_UrlClean
vlc_UrlParse
vlc_b64_encode_binary
vlc_cancel
vlc_clone
vlc_cond_broadcast
vlc_cond_init
vlc_cond_signal
vlc_cond_wait
vlc_control_cancel
vlc_frame_Alloc
vlc_frame_Release
vlc_frame_heap_Alloc
vlc_getProxyUrl
vlc_getaddrinfo_i11e
vlc_gettext
vlc_http_cookies_fetch
vlc_http_cookies_store
vlc_interrupt_register
vlc_interrupt_unregister
vlc_join
vlc_memstream_close
vlc_memstream_open
vlc_memstream_printf
vlc_memstream_write
vlc_mutex_init
vlc_mutex_lock
vlc_mutex_unlock
vlc_obj_malloc
vlc_object_Log
vlc_object_parent
vlc_restorecancel
vlc_savecancel
vlc_strerror_c
vlc_testcancel
vlc_thread_set_name
vlc_tls_ClientCreate
vlc_tls_ClientDelete
vlc_tls_ClientSessionCreate
vlc_tls_GetLine
vlc_tls_Read
vlc_tls_SessionDelete
vlc_tls_SocketOpenAddrInfo
vlc_tls_SocketOpenTCP
vlc_tls_SocketOpenTLS
vlc_tls_Write
vlc_uri_fixup
vlc_uri_resolve
vlc_vaLog

ws2_32

WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAWaitForMultipleEvents
__WSAFDIsSet
freeaddrinfo
select

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_gmtime64
_initterm
_lock
_strdup
_stricmp
_strnicmp
_strtoi64
_strtoui64
_time64
_unlock
_wassert
_write
abort
bsearch
calloc
fputc
free
fwrite
getc
isspace
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
realloc
strchr
strcmp
strcspn
strerror
strlen
strncmp
strspn
strstr
strtol
strtoul
tolower
ungetc
vfprintf
wcslen
wcstombs

kernel32

DeleteCriticalSection
EnterCriticalSection
FormatMessageW
GetCurrentProcess
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
Sleep
SleepEx
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

Exports

Exports

vlc_entry
vlc_entry_api_version
vlc_entry_copyright
vlc_entry_license

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20ed1fb86cd1aae087168d22f8f583fe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libvlccore

ws2_32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 19KB - Virtual size: 19KB

.buildid Size: 512B - Virtual size: 53B

.data Size: 512B - Virtual size: 6KB

.pdata Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 512B - Virtual size: 232B

/4 Size: 512B - Virtual size: 40B

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 19KB - Virtual size: 19KB

.buildid
Size: 512B - Virtual size: 53B

.data
Size: 512B - Virtual size: 6KB

.pdata
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 512B - Virtual size: 232B

/4
Size: 512B - Virtual size: 40B