UnrealEditor-LiveLinkControlRig.pdb
Static task
static1
Behavioral task
behavioral1
Sample
250b18ca4a457e5bdad5762fd7c5d4cbac4cd09215bcf6c041993325a70e4623_NeikiAnalytics.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
250b18ca4a457e5bdad5762fd7c5d4cbac4cd09215bcf6c041993325a70e4623_NeikiAnalytics.dll
Resource
win10v2004-20240508-en
General
-
Target
250b18ca4a457e5bdad5762fd7c5d4cbac4cd09215bcf6c041993325a70e4623_NeikiAnalytics.exe
-
Size
123KB
-
MD5
cf553c9ad35f1e77f86547a8f258ee20
-
SHA1
50d405c64c82b8c1a0bcd0a5cc36e4b25dddd07c
-
SHA256
250b18ca4a457e5bdad5762fd7c5d4cbac4cd09215bcf6c041993325a70e4623
-
SHA512
a17e765be8b7da1ec18c205b50e301e4d3f6d8c3bd766ec8f4d11bd7d23e3e6c2ea4689c241bae13b7afc26cfc84381be8e823b51758faeef2b16b77ab3da96d
-
SSDEEP
1536:yDYMQhKBJuZ9hXVSvSXHv1vsdavbknxkiOdmt7yh8fWkjiLuvNgdI78Paq:jKBK9BV/1vsdavYnxLEmt0Me5dJT
Malware Config
Signatures
-
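Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. A missing signature means the publisher cannot be verified from the file itself; on its own this is a low-confidence indicator and needs corroboration from the other static or behavioral results.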
resource 250b18ca4a457e5bdad5762fd7c5d4cbac4cd09215bcf6c041993325a70e4623_NeikiAnalytics.exe
Files
-
250b18ca4a457e5bdad5762fd7c5d4cbac4cd09215bcf6c041993325a70e4623_NeikiAnalytics.exe.dll windows:6 windows x64 arch:x64
2edd42d3e0f5f750962aa894230a5b03
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
unrealeditor-rigvm
??0FRigVMRuntimeSettings@@QEAA@XZ
??1FRigVMRuntimeSettings@@QEAA@XZ
??4FRigVMRuntimeSettings@@QEAAAEAU0@AEBU0@@Z
??0FRigVMFunctionArgument@@QEAA@PEB_W0W4ERigVMFunctionArgumentDirection@@@Z
??1FRigVMNameCache@@QEAA@XZ
??0FRigVMNameCache@@QEAA@XZ
?Get@FRigVMRegistry@@SAAEAU1@XZ
?Register@FRigVMRegistry@@QEAAXPEB_WP6AXAEAUFRigVMExtendedExecuteContext@@V?$TArrayView@UFRigVMMemoryHandle@@H@@V?$TArrayView@UFRigVMPredicateBranch@@H@@@ZPEAVUScriptStruct@@AEBV?$TArray@UFRigVMFunctionArgument@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?Z_Construct_UEnum_RigVM_ERigVMTransformSpace@@YAPEAVUEnum@@XZ
?ProcessPinLabelForInjection@FRigVMStruct@@UEBA?AVFString@@AEBV2@@Z
?GetEventName@FRigVMStruct@@UEBA?AVFName@@XZ
?CanOnlyExistOnce@FRigVMStruct@@UEBA_NXZ
?GetUnitLabel@FRigVMStruct@@UEBA?AVFString@@XZ
?Initialize@FRigVMStruct@@UEAAXXZ
?Execute@FRigVMStruct@@UEAAXXZ
?GetNumSlices@FRigVMStruct@@UEBAHXZ
?IsControlFlowBlockSliced@FRigVMStruct@@UEBA?B_NAEBVFName@@@Z
?OnUnitNodeCreated@FRigVMStruct@@UEBAXAEAUFRigVMUnitNodeCreatedContext@@@Z
?GetData_Internal@FRigVMPropertyPath@@AEBAPEAEPEAEPEBVFProperty@@@Z
?GetUpgradeInfo@FRigVMStruct@@UEBA?AUFRigVMStructUpgradeInfo@@XZ
?GetSupportedWorkflows@FRigVMStruct@@MEBA?AV?$TArray@UFRigVMUserWorkflow@@V?$TSizedDefaultAllocator@$0CA@@@@@PEBVUObject@@@Z
?GetControlFlowBlocks_Impl@FRigVMStruct@@MEBAAEBV?$TArray@VFName@@V?$TSizedDefaultAllocator@$0CA@@@@@XZ
?GetNextAggregateName@FRigVMStruct@@UEBA?AVFName@@AEBV2@@Z
??1FRigVMFunctionArgument@@QEAA@XZ
unrealeditor-controlrig
??4FRigUnit@@QEAAAEAU0@AEBU0@@Z
?Z_Construct_UScriptStruct_FRigUnit@@YAPEAVUScriptStruct@@XZ
?DetermineSpaceForPin@FRigUnit@@UEBA?AUFRigElementKey@@AEBVFString@@PEAX@Z
?DetermineOffsetTransformForPin@FRigUnit@@UEBA?AU?$TTransform@N@Math@UE@@AEBVFString@@PEAX@Z
??0FRigUnit@@QEAA@AEBU0@@Z
??1FRigUnit@@UEAA@XZ
?StaticStruct@FControlRigExecuteContext@@SAPEAVUScriptStruct@@XZ
??0FRigUnit@@QEAA@XZ
unrealeditor-core
??0FName@@QEAA@PEBDW4EFindName@@@Z
??0FLogCategoryBase@@QEAA@AEBVFName@@W4Type@ELogVerbosity@@1@Z
??1FLogCategoryBase@@QEAA@XZ
?DoSetup@FThreadSafeStaticStatBase@@IEBAPEBUTStatIdData@@PEBDPEB_W001_N2W4Type@EStatDataType@@22W4EMemoryCounterRegion@FWindowsPlatformMemory@@@Z
?GCoreObjectArrayForDebugVisualizers@@3PEAVFChunkedFixedUObjectArray@@EA
?GCoreComplexObjectPathDebug@@3PEAUFStoredObjectPathDebug@Private@CoreUObject@UE@@EA
?GCoreObjectHandlePackageDebug@@3PEAUFObjectHandlePackageDebugData@Private@CoreUObject@UE@@EA
?CheckVerifyFailedImpl@FDebug@@SA_NPEBD0HPEAXPEB_WZZ
?Free@FMemory@@SAXPEAX@Z
?Malloc@FMemory@@SAPEAX_KI@Z
?HandleAtomicsFailure@FWindowsPlatformAtomics@@KAXPEB_WZZ
?QuantizeSize@FMemory@@SA_K_KI@Z
?OnInvalidArrayNum@Private@Core@UE@@YAX_K@Z
?ResizeAllocation@ForAnyElementType@?$TSizedHeapAllocator@$0CA@UFMemory@@@@QEAAXHH_K@Z
?ResizeAllocation@ForAnyElementType@?$TSizedHeapAllocator@$0CA@UFMemory@@@@QEAAXHH_KI@Z
??0FString@@QEAA@PEBD@Z
??0FString@@QEAA@PEB_W@Z
?FromValidEName@FNameEntryId@@CA?AU1@W4EName@@@Z
?ToString@FName@@QEBA?AVFString@@XZ
?GetBlocks@FNameDebugVisualizer@@SAPEAPEAEXZ
?StackWalkAndDump@FWindowsPlatformStackWalk@@SAXPEAD_KHPEAX@Z
?ThreadStackWalkAndDump@FWindowsPlatformStackWalk@@SAXPEAD_KHI@Z
?GetDestructionSentinelStackTls@FMRSWRecursiveAccessDetector@@CAAEAV?$TArray@PEAUFDestructionSentinel@FMRSWRecursiveAccessDetector@@V?$TSizedInlineAllocator@$03$0CA@V?$TSizedDefaultAllocator@$0CA@@@@@@@XZ
?GetReadersTls@FMRSWRecursiveAccessDetector@@CAAEAV?$TArray@UFReaderNum@FMRSWRecursiveAccessDetector@@V?$TSizedInlineAllocator@$03$0CA@V?$TSizedDefaultAllocator@$0CA@@@@@@@XZ
?ResizeAllocation@FMemoryImageAllocatorBase@@QEAAXHH_KI@Z
?Get@IModularFeatures@@SAAEAV1@XZ
?Red@FLinearColor@@2U1@B
?Identity@?$TTransform@N@Math@UE@@2U123@B
??0FName@@QEAA@PEB_WW4EFindName@@@Z
?Realloc@FMemory@@SAPEAXPEAX_KI@Z
?CheckVerifyImpl@@YA_NAEA_N_NPEBDHPEAX2PEB_WZZ
unrealeditor-coreuobject
?GetStaticStruct@@YAPEAVUScriptStruct@@P6APEAV1@XZPEAVUObject@@PEB_W@Z
?RegisterCompiledInInfo@@YAXP6APEAVUPackage@@XZPEB_WAEAU?$TRegistrationInfo@VUPackage@@UFPackageReloadVersionInfo@@@@AEBUFPackageReloadVersionInfo@@@Z
?RegisterCompiledInInfo@@YAXPEB_WPEBUFClassRegisterCompiledInInfo@@_KPEBUFStructRegisterCompiledInInfo@@2PEBUFEnumRegisterCompiledInInfo@@2@Z
?IsA@FFieldVariant@@QEBA_NPEBVUClass@@@Z
?GetOwnerClass@FField@@QEBAPEAVUClass@@XZ
?OnHandleReadInternal@Private@CoreUObject@UE@@YAXV?$TArrayView@QEBVUObject@@H@@@Z
?Resolve@FObjectRef@@QEBAPEAVUObject@@I@Z
?MakeObjectRef@Private@CoreUObject@UE@@YA?AUFObjectRef@@UFPackedObjectRef@123@@Z
?IsChildOf@UStruct@@QEBA_NPEBV1@@Z
?IsValidLowLevel@UObjectBase@@QEBA_NXZ
?InternalCreateDefaultObjectWrapper@UClass@@AEBAXXZ
?StaticClassCastFlagsPrivate@FArrayProperty@@SA_KXZ
??0FStructOnScope@@QEAA@XZ
??0FStructOnScope@@QEAA@PEBVUStruct@@PEAE@Z
??1FStructOnScope@@UEAA@XZ
?Z_Construct_UScriptStruct_FLinearColor@@YAPEAVUScriptStruct@@XZ
?Z_Construct_UScriptStruct_FTransform@@YAPEAVUScriptStruct@@XZ
?HandleReadCallbackQuantity@Private@CoreUObject@UE@@3U?$atomic@H@std@@A
?ConstructUScriptStruct@UECodeGen_Private@@YAXAEAPEAVUScriptStruct@@AEBUFStructParams@1@@Z
?GetPrivateStaticClass@UClass@@CAPEAV1@XZ
?ConstructUPackage@UECodeGen_Private@@YAXAEAPEAVUPackage@@AEBUFPackageParams@1@@Z
unrealeditor-livelinkinterface
?StaticStruct@FSubjectFrameHandle@@SAPEAVUScriptStruct@@XZ
?GetCurveValueByName@FSubjectFrameHandle@@QEBA_NVFName@@AEAM@Z
?GetTransformByName@FSubjectFrameHandle@@QEBAXVFName@@AEAUFLiveLinkTransform@@@Z
?Z_Construct_UScriptStruct_FSubjectFrameHandle@@YAPEAVUScriptStruct@@XZ
?GetPrivateStaticClass@ULiveLinkAnimationRole@@CAPEAVUClass@@XZ
?GetPrivateStaticClass@ULiveLinkTransformRole@@CAPEAVUClass@@XZ
?StaticStruct@FLiveLinkTransformFrameData@@SAPEAVUScriptStruct@@XZ
?ModularFeatureName@ILiveLinkClient@@2VFName@@A
?GetTransformRootSpace@FLiveLinkTransform@@QEBAXAEAU?$TTransform@N@Math@UE@@@Z
?GetTransformParentSpace@FLiveLinkTransform@@QEBAXAEAU?$TTransform@N@Math@UE@@@Z
??0FLiveLinkTransform@@QEAA@XZ
kernel32
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCurrentThreadId
vcruntime140
__std_terminate
__std_type_info_destroy_list
_purecall
memcpy
memmove
memset
__current_exception
__current_exception_context
__C_specific_handler
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
_crt_atexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
terminate
Exports
Exports
??$StaticStruct@UFRigUnit_LiveLinkBase@@@@YAPEAVUScriptStruct@@XZ
??$StaticStruct@UFRigUnit_LiveLinkEvaluteFrameAnimation@@@@YAPEAVUScriptStruct@@XZ
??$StaticStruct@UFRigUnit_LiveLinkEvaluteFrameTransform@@@@YAPEAVUScriptStruct@@XZ
??$StaticStruct@UFRigUnit_LiveLinkGetParameterValueByName@@@@YAPEAVUScriptStruct@@XZ
??$StaticStruct@UFRigUnit_LiveLinkGetTransformByName@@@@YAPEAVUScriptStruct@@XZ
??0FRigUnit_LiveLinkBase@@QEAA@$$QEAU0@@Z
??0FRigUnit_LiveLinkBase@@QEAA@AEBU0@@Z
??0FRigUnit_LiveLinkBase@@QEAA@XZ
??0FRigUnit_LiveLinkEvaluteFrameAnimation@@QEAA@$$QEAU0@@Z
??0FRigUnit_LiveLinkEvaluteFrameAnimation@@QEAA@AEBU0@@Z
??0FRigUnit_LiveLinkEvaluteFrameAnimation@@QEAA@XZ
??0FRigUnit_LiveLinkEvaluteFrameTransform@@QEAA@$$QEAU0@@Z
??0FRigUnit_LiveLinkEvaluteFrameTransform@@QEAA@AEBU0@@Z
??0FRigUnit_LiveLinkEvaluteFrameTransform@@QEAA@XZ
??0FRigUnit_LiveLinkGetParameterValueByName@@QEAA@$$QEAU0@@Z
??0FRigUnit_LiveLinkGetParameterValueByName@@QEAA@AEBU0@@Z
??0FRigUnit_LiveLinkGetParameterValueByName@@QEAA@XZ
??0FRigUnit_LiveLinkGetTransformByName@@QEAA@$$QEAU0@@Z
??0FRigUnit_LiveLinkGetTransformByName@@QEAA@AEBU0@@Z
??0FRigUnit_LiveLinkGetTransformByName@@QEAA@XZ
??1FRigUnit_LiveLinkBase@@UEAA@XZ
??1FRigUnit_LiveLinkEvaluteFrameAnimation@@UEAA@XZ
??1FRigUnit_LiveLinkEvaluteFrameTransform@@UEAA@XZ
??1FRigUnit_LiveLinkGetParameterValueByName@@UEAA@XZ
??1FRigUnit_LiveLinkGetTransformByName@@UEAA@XZ
??4FRigUnit_LiveLinkBase@@QEAAAEAU0@$$QEAU0@@Z
??4FRigUnit_LiveLinkBase@@QEAAAEAU0@AEBU0@@Z
??4FRigUnit_LiveLinkEvaluteFrameAnimation@@QEAAAEAU0@$$QEAU0@@Z
??4FRigUnit_LiveLinkEvaluteFrameAnimation@@QEAAAEAU0@AEBU0@@Z
??4FRigUnit_LiveLinkEvaluteFrameTransform@@QEAAAEAU0@$$QEAU0@@Z
??4FRigUnit_LiveLinkEvaluteFrameTransform@@QEAAAEAU0@AEBU0@@Z
??4FRigUnit_LiveLinkGetParameterValueByName@@QEAAAEAU0@$$QEAU0@@Z
??4FRigUnit_LiveLinkGetParameterValueByName@@QEAAAEAU0@AEBU0@@Z
??4FRigUnit_LiveLinkGetTransformByName@@QEAAAEAU0@$$QEAU0@@Z
??4FRigUnit_LiveLinkGetTransformByName@@QEAAAEAU0@AEBU0@@Z
??_7FRigUnit_LiveLinkBase@@6B@
??_7FRigUnit_LiveLinkEvaluteFrameAnimation@@6B@
??_7FRigUnit_LiveLinkEvaluteFrameTransform@@6B@
??_7FRigUnit_LiveLinkGetParameterValueByName@@6B@
??_7FRigUnit_LiveLinkGetTransformByName@@6B@
?Execute@FRigUnit_LiveLinkEvaluteFrameAnimation@@QEAAXAEBUFControlRigExecuteContext@@@Z
?Execute@FRigUnit_LiveLinkEvaluteFrameAnimation@@UEAAXXZ
?Execute@FRigUnit_LiveLinkEvaluteFrameTransform@@QEAAXAEBUFControlRigExecuteContext@@@Z
?Execute@FRigUnit_LiveLinkEvaluteFrameTransform@@UEAAXXZ
?Execute@FRigUnit_LiveLinkGetParameterValueByName@@QEAAXAEBUFControlRigExecuteContext@@@Z
?Execute@FRigUnit_LiveLinkGetParameterValueByName@@UEAAXXZ
?Execute@FRigUnit_LiveLinkGetTransformByName@@QEAAXAEBUFControlRigExecuteContext@@@Z
?Execute@FRigUnit_LiveLinkGetTransformByName@@UEAAXXZ
?RigVMExecute@FRigUnit_LiveLinkEvaluteFrameAnimation@@SAXAEAUFRigVMExtendedExecuteContext@@V?$TArrayView@UFRigVMMemoryHandle@@H@@V?$TArrayView@UFRigVMPredicateBranch@@H@@@Z
?RigVMExecute@FRigUnit_LiveLinkEvaluteFrameTransform@@SAXAEAUFRigVMExtendedExecuteContext@@V?$TArrayView@UFRigVMMemoryHandle@@H@@V?$TArrayView@UFRigVMPredicateBranch@@H@@@Z
?RigVMExecute@FRigUnit_LiveLinkGetParameterValueByName@@SAXAEAUFRigVMExtendedExecuteContext@@V?$TArrayView@UFRigVMMemoryHandle@@H@@V?$TArrayView@UFRigVMPredicateBranch@@H@@@Z
?RigVMExecute@FRigUnit_LiveLinkGetTransformByName@@SAXAEAUFRigVMExtendedExecuteContext@@V?$TArrayView@UFRigVMMemoryHandle@@H@@V?$TArrayView@UFRigVMPredicateBranch@@H@@@Z
?StaticExecute@FRigUnit_LiveLinkEvaluteFrameAnimation@@SAXAEBUFControlRigExecuteContext@@AEBVFName@@_NAEBUFLinearColor@@AEBU?$TTransform@N@Math@UE@@AEAUFSubjectFrameHandle@@@Z
?StaticExecute@FRigUnit_LiveLinkEvaluteFrameTransform@@SAXAEBUFControlRigExecuteContext@@AEBVFName@@_NAEBUFLinearColor@@AEBU?$TTransform@N@Math@UE@@AEAU567@@Z
?StaticExecute@FRigUnit_LiveLinkGetParameterValueByName@@SAXAEBUFControlRigExecuteContext@@AEBUFSubjectFrameHandle@@AEBVFName@@AEAM@Z
?StaticExecute@FRigUnit_LiveLinkGetTransformByName@@SAXAEBUFControlRigExecuteContext@@AEBUFSubjectFrameHandle@@AEBVFName@@W4ERigVMTransformSpace@@AEAU?$TTransform@N@Math@UE@@@Z
?StaticStruct@FRigUnit_LiveLinkBase@@SAPEAVUScriptStruct@@XZ
?StaticStruct@FRigUnit_LiveLinkEvaluteFrameAnimation@@SAPEAVUScriptStruct@@XZ
?StaticStruct@FRigUnit_LiveLinkEvaluteFrameTransform@@SAPEAVUScriptStruct@@XZ
?StaticStruct@FRigUnit_LiveLinkGetParameterValueByName@@SAPEAVUScriptStruct@@XZ
?StaticStruct@FRigUnit_LiveLinkGetTransformByName@@SAPEAVUScriptStruct@@XZ
?Z_Construct_UScriptStruct_FRigUnit_LiveLinkBase@@YAPEAVUScriptStruct@@XZ
?Z_Construct_UScriptStruct_FRigUnit_LiveLinkEvaluteFrameAnimation@@YAPEAVUScriptStruct@@XZ
?Z_Construct_UScriptStruct_FRigUnit_LiveLinkEvaluteFrameTransform@@YAPEAVUScriptStruct@@XZ
?Z_Construct_UScriptStruct_FRigUnit_LiveLinkGetParameterValueByName@@YAPEAVUScriptStruct@@XZ
?Z_Construct_UScriptStruct_FRigUnit_LiveLinkGetTransformByName@@YAPEAVUScriptStruct@@XZ
InitializeModule
Sections
.text Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.uedbg Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ