15293b84bbd121250077b1cc85469a8dc37a821148bcadb276340686af4c01fd_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

15293b84bbd121250077b1cc85469a8dc37a821148bcadb276340686af4c01fd_NeikiAnalytics.exe
Size

4.7MB
MD5

619e93aac975f7f6a45eabf6f538ced0
SHA1

b5b59a18cd4e800b0717330eeb06c81f30030327
SHA256

15293b84bbd121250077b1cc85469a8dc37a821148bcadb276340686af4c01fd
SHA512

ff402fda1272297b86ce9eb9bd01b8f76b0a7656f8d0df7012c52a47cd4c19548906dfa31532b9fa51f5159ca6a51609c4c8e95f3fffcc8d527c611dcbb86b0f
SSDEEP

49152:IWJNldVQby/J5vFiX99mUbKJhQpCNXv7VF1Gwv0T0V9Xb88t+u1yPYvWVqRcHuAT:Rf/NjLNvWDIsBAUZL26WsiO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15293b84bbd121250077b1cc85469a8dc37a821148bcadb276340686af4c01fd_NeikiAnalytics.exe

Files

15293b84bbd121250077b1cc85469a8dc37a821148bcadb276340686af4c01fd_NeikiAnalytics.exe
.dll windows:4 windows x64 arch:x64

81f58fb2de4eae4b1e39ce7593f63afb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libvlccore

subpicture_region_New
var_Inherit
video_format_IsSimilar
vlc_frame_Release
vlc_input_attachment_Release
vlc_mutex_init
vlc_mutex_lock
vlc_mutex_unlock
vlc_object_Log
vlc_spu_regions_Clear
vlc_stream_Delete
vlc_stream_MemoryNew
vlc_stream_ReadLine

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

gdi32

CreateCompatibleDC
CreateFontIndirectW
DeleteDC
DeleteObject
EnumFontFamiliesW
GetTextFaceW
SelectObject

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileMappingA
CreateFileW
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileExW
FindNextFileW
FreeLibrary
GetACP
GetFileSize
GetFileSizeEx
GetLastError
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
ReadFile
Sleep
TlsGetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_amsg_exit
_assert
_errno
_exit
_initterm
_lock
_setjmp
_stricmp
_unlock
_wassert
_wfopen
abort
atoi
calloc
fclose
feof
ferror
fopen
fprintf
fputc
fread
free
frexp
fseek
ftell
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
qsort
realloc
rewind
setlocale
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtol
strtoul
tolower
ungetc
vfprintf
wcslen
wcsncmp
longjmp
_write
_strdup
_open
_close

user32

GetDC
ReleaseDC

Exports

Exports

vlc_entry
vlc_entry_api_version
vlc_entry_copyright
vlc_entry_license

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81f58fb2de4eae4b1e39ce7593f63afb

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

advapi32

gdi32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.pdata Size: 236KB - Virtual size: 236KB

.xdata Size: 226KB - Virtual size: 225KB

.bss Size: - Virtual size: 3KB

.edata Size: 512B - Virtual size: 171B

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 4KB - Virtual size: 3KB

/4 Size: 512B - Virtual size: 32B

.text
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.pdata
Size: 236KB - Virtual size: 236KB

.xdata
Size: 226KB - Virtual size: 225KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 171B

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 4KB - Virtual size: 3KB

/4
Size: 512B - Virtual size: 32B