494c3ab078a66d92e55ea6fed4db8d30_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

494c3ab078a66d92e55ea6fed4db8d30_NeikiAnalytics.exe
Size

50KB
MD5

494c3ab078a66d92e55ea6fed4db8d30
SHA1

ebd04a2772cebed4ef8c3137f8f27d8dae6021ff
SHA256

fafffca34c68cb340b4a265bd7f4a3d930a7dd86906d44be6d7e2856dd192068
SHA512

c099ffb57863b6f89d56c9eb0766635f64388f361e03b58175fd341f66a603a1fc38f746b9ec5e5678198128e1dd8cdc51de2bbbf3eb91c857f6d27be7afc880
SSDEEP

768:yCDb1koj1ox02uXRnkC2faUFNJ5SqWo1ZelGlyQlVYT/:yU+COiRnalX1ZelYVA/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
494c3ab078a66d92e55ea6fed4db8d30_NeikiAnalytics.exe

Files

494c3ab078a66d92e55ea6fed4db8d30_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

c98ecbe746a73614067958494c29e622

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Code-Work\WindowsBLE\LibBle\Release\LibBle.pdb

Imports

msvcp140

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?width@ios_base@std@@QAE_J_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

memset
__FrameUnwindFilter
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
__current_exception
__current_exception_context
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

abort
terminate
_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

kernel32

Sleep
CreateThread
CloseHandle
GlobalFree
CreateFileW
GlobalAlloc
GetLastError
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
WaitForSingleObject
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

ole32

CLSIDFromString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW

bluetoothapis

BluetoothGATTGetDescriptorValue
BluetoothGATTGetServices
BluetoothGATTUnregisterEvent
BluetoothGATTSetCharacteristicValue
BluetoothGATTRegisterEvent
BluetoothGATTSetDescriptorValue
BluetoothGATTGetDescriptors
BluetoothGATTGetCharacteristics

mscoree

_CorDllMain

Exports

Exports

closeBleDevice
initializeDevice
isDeviceExist
registerBleCallback
unregisterBleCallback
writeBleMsg

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c98ecbe746a73614067958494c29e622

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

ole32

setupapi

bluetoothapis

mscoree

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 652B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 652B