45926fdf9c68ef83739a37e2f4d2fb3cf5c1cbecaaf844e9801adbd3c2aa19b1_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

45926fdf9c68ef83739a37e2f4d2fb3cf5c1cbecaaf844e9801adbd3c2aa19b1_NeikiAnalytics.exe
Size

52KB
MD5

e6eac73426694f9cbbdfc9a4bdbf7570
SHA1

fe68f9ba3e7241e88030413f582d187fed711cbf
SHA256

45926fdf9c68ef83739a37e2f4d2fb3cf5c1cbecaaf844e9801adbd3c2aa19b1
SHA512

17e30eb3c7171f0590489c07dec478764e11731c117ecce454d98637684e0655d888781fa10f305273e581a18cd54aa62b9a08e72758c504af96f311de49c423
SSDEEP

768:dXGkZBJK2VI8ToSSHNv/hUqWIdv/T0yQU8A0h:d2kZzVFSxrWIlQL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45926fdf9c68ef83739a37e2f4d2fb3cf5c1cbecaaf844e9801adbd3c2aa19b1_NeikiAnalytics.exe

Files

45926fdf9c68ef83739a37e2f4d2fb3cf5c1cbecaaf844e9801adbd3c2aa19b1_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

d0250bcdc56e4ee139ff4c6f74f3a58d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ShooterGameEditor-AnimationLocomotionLibraryEditor.pdb

Imports

shootergameeditor-core

?GCoreObjectArrayForDebugVisualizers@@3PEAVFChunkedFixedUObjectArray@@EA
?GCoreComplexObjectPathDebug@@3PEAUFStoredObjectPath@Private@CoreUObject@UE@@EA
?GCoreObjectHandlePackageDebug@@3PEAUFObjectHandlePackageDebugData@Private@CoreUObject@UE@@EA
?CheckVerifyFailedImpl@FDebug@@SAXPEBD0HPEAXPEB_WZZ
?Malloc@FMemory@@SAPEAX_KI@Z
??0FString@@QEAA@PEB_W@Z
??1FString@@QEAA@XZ
?FromValidEName@FNameEntryId@@CA?AU1@W4EName@@@Z
?ToString@FName@@QEBA?AVFString@@XZ
?GetBlocks@FNameDebugVisualizer@@SAPEAPEAEXZ
?BasicLog@Private@Logging@UE@@YAXAEBUFLogCategoryBase@@PEBUFStaticBasicLogRecord@123@ZZ
??1FLogCategoryBase@@QEAA@XZ
??0FLogCategoryBase@@QEAA@AEBVFName@@W4Type@ELogVerbosity@@1@Z
??0FName@@QEAA@PEBDW4EFindName@@@Z
??0FName@@QEAA@PEB_WW4EFindName@@@Z
?GIgnoreDebugger@@3_NA
?Free@FMemory@@SAXPEAX@Z

shootergameeditor-coreuobject

?GetConfigOverridePlatform@UObject@@UEBAPEB_WXZ
?BuildSubobjectMapping@UObject@@UEBAXPEAV1@AEAV?$TMap@PEAVUObject@@PEAV1@VFDefaultSetAllocator@@U?$TDefaultMapHashableKeyFuncs@PEAVUObject@@PEAV1@$0A@@@@@@Z
?CookAdditionalFilesOverride@UObject@@EEAAXPEB_WPEBVITargetPlatform@@V?$TFunctionRef@$$A6AXPEB_WPEAX_J@Z@@@Z
?CookAdditionalFiles@UObject@@UEAAXPEB_WPEBVITargetPlatform@@@Z
?ClearAllCachedCookedPlatformData@UObject@@UEAAXXZ
?ClearCachedCookedPlatformData@UObject@@UEAAXPEBVITargetPlatform@@@Z
?WillNeverCacheCookedPlatformDataAgain@UObject@@UEAAXXZ
?IsCachedCookedPlatformDataLoaded@UObject@@UEAA_NPEBVITargetPlatform@@@Z
?BeginCacheForCookedPlatformData@UObject@@UEAAXPEBVITargetPlatform@@@Z
?AllowSubobjectInstancing@UObject@@UEAA_NXZ
?IsDataValid@UObject@@UEAA?AW4EDataValidationResult@@AEAVFDataValidationContext@@@Z
?IsDataValid@UObject@@UEAA?AW4EDataValidationResult@@AEAV?$TArray@VFText@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?PreDestroyFromReplication@UObject@@UEAAXXZ
?PostRepNotifies@UObject@@UEAAXXZ
?PostNetReceive@UObject@@UEAAXXZ
?PreNetReceive@UObject@@UEAAXXZ
?GetSubobjectsWithStableNamesForNetworking@UObject@@UEAAXAEAV?$TArray@PEAVUObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?IsSupportedForNetworking@UObject@@UEBA_NXZ
?IsFullNameStableForNetworking@UObject@@UEBA_NXZ
?IsNameStableForNetworking@UObject@@UEBA_NXZ
?GetReplicatedCustomConditionState@UObject@@UEBAXAEAVFCustomPropertyConditionState@@@Z
?GetLifetimeReplicatedProps@UObject@@UEBAXAEAV?$TArray@VFLifetimeProperty@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?TagSubobjects@UObject@@UEAAXW4EObjectFlags@@@Z
?IsSafeForRootSet@UObject@@UEBA_NXZ
?IsLocalizedResource@UObject@@UEBA_NXZ
?GetPrimaryAssetId@UObject@@UEBA?AUFPrimaryAssetId@@XZ
?IsAsset@UObject@@UEBA_NXZ
?GetAssetRegistryTagMetadata@UObject@@UEBAXAEAV?$TMap@VFName@@UFAssetRegistryTagMetadata@UObject@@VFDefaultSetAllocator@@U?$TDefaultMapHashableKeyFuncs@VFName@@UFAssetRegistryTagMetadata@UObject@@$0A@@@@@@Z
?PostLoadAssetRegistryTags@UObject@@UEBAXAEBUFAssetData@@AEAV?$TArray@UFAssetRegistryTag@UObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?GetExtendedAssetRegistryTagsForSave@UObject@@UEBAXPEBVITargetPlatform@@AEAV?$TArray@UFAssetRegistryTag@UObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?GetExternalActorExtendedAssetRegistryTags@UObject@@UEBAXAEAV?$TArray@UFAssetRegistryTag@UObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?GetAssetRegistryTags@UObject@@UEBAXAEAV?$TArray@UFAssetRegistryTag@UObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?AreNativePropertiesIdenticalTo@UObject@@UEBA_NPEAV1@@Z
?GetRestoreForUObjectOverwrite@UObject@@UEAAPEAVFRestoreForUObjectOverwrite@@XZ
?GetExporterName@UObject@@UEAA?AVFName@@XZ
?GetResourceSizeEx@UObject@@UEAAXAEAUFResourceSizeEx@@@Z
?GetNativePropertyValues@UObject@@UEBA_NAEAV?$TMap@VFString@@V1@VFDefaultSetAllocator@@U?$TDefaultMapHashableKeyFuncs@VFString@@V1@$0A@@@@@I@Z
?HasWorld@UObject@@UEBA_NXZ
?GetWorld@UObject@@UEBAPEAVUWorld@@XZ
?MoveDataToSparseClassDataStruct@UObject@@UEBAXXZ
?OverridePerObjectConfigSection@UObject@@UEAAXAEAVFString@@@Z
?Rename@UObject@@UEAA_NPEB_WPEAV1@I@Z
?PostReloadConfig@UObject@@UEAAXPEAVFProperty@@@Z
?PostEditImport@UObject@@UEAAXXZ
?ImportCustomProperties@UObject@@UEAAXPEB_WPEAVFFeedbackContext@@@Z
?ExportCustomProperties@UObject@@UEAAXAEAVFOutputDevice@@I@Z
?GetPrestreamPackages@UObject@@UEAAXAEAV?$TArray@PEAVUObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?GetPreloadDependencies@UObject@@UEAAXAEAV?$TArray@PEAVUObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?IsDestructionThreadSafe@UObject@@UEBA_NXZ
?IsPostLoadThreadSafe@UObject@@UEBA_NXZ
?HasNonEditorOnlyReferences@UObject@@UEBA_NXZ
?IsEditorOnly@UObject@@UEBA_NXZ
?NeedsLoadForEditorGame@UObject@@UEBA_NXZ
?NeedsLoadForTargetPlatform@UObject@@UEBA_NPEBVITargetPlatform@@@Z
?NeedsLoadForServer@UObject@@UEBA_NXZ
?NeedsLoadForClient@UObject@@UEBA_NXZ
?PostDuplicate@UObject@@UEAAX_N@Z
?PostDuplicate@UObject@@UEAAXW4Type@EDuplicateMode@@@Z
?PreDuplicate@UObject@@UEAAXAEAUFObjectDuplicationParameters@@@Z
?PostRename@UObject@@UEAAXPEAV1@VFName@@@Z
?IsSelectedInEditor@UObject@@MEBA_NXZ
?FactoryTransactionAnnotation@UObject@@MEBA?AV?$TSharedPtr@VITransactionObjectAnnotation@@$00@@W4ETransactionAnnotationCreationMode@1@@Z
?PostTransacted@UObject@@UEAAXAEBVFTransactionObjectEvent@@@Z
?PostEditUndo@UObject@@UEAAXXZ
?PostEditUndo@UObject@@UEAAXV?$TSharedPtr@VITransactionObjectAnnotation@@$00@@@Z
?PreEditUndo@UObject@@UEAAXXZ
?PostEditChangeChainProperty@UObject@@UEAAXAEAUFPropertyChangedChainEvent@@@Z
?CanEditChange@UObject@@UEBA_NPEBVFProperty@@@Z
?CanEditChange@UObject@@UEBA_NAEBVFEditPropertyChain@@@Z
?PreEditChange@UObject@@UEAAXPEAVFProperty@@@Z
?PreEditChange@UObject@@UEAAXAEAVFEditPropertyChain@@@Z
?PostInterpChange@UObject@@UEAAXPEAVFProperty@@@Z
?ShutdownAfterError@UObject@@UEAAXXZ
?PostLinkerChange@UObject@@UEAAXXZ
?IsReadyForFinishDestroy@UObject@@UEAA_NXZ
?BeginDestroy@UObject@@UEAAXXZ
?PostLoadSubobjects@UObject@@UEAAXPEAUFObjectInstancingGraph@@@Z
?IsReadyForAsyncPostLoad@UObject@@UEBA_NXZ
?ResolveSubobject@UObject@@UEAA_NPEB_WAEAPEAV1@_N@Z
?LoadedFromAnotherClass@UObject@@UEAAXAEBVFName@@@Z
?Modify@UObject@@UEAA_N_N@Z
?PreSave@UObject@@UEAAXPEBVITargetPlatform@@@Z
?PreSave@UObject@@UEAAXVFObjectPreSaveContext@@@Z
?PostSaveRoot@UObject@@UEAAX_N@Z
?PostSaveRoot@UObject@@UEAAXVFObjectPostSaveRootContext@@@Z
?PreSaveRoot@UObject@@UEAA_NPEB_W@Z
?PreSaveRoot@UObject@@UEAAXVFObjectPreSaveRootContext@@@Z
?PostCDOCompiled@UObject@@UEAAXAEBUFObjectPostCDOCompiledContext@@@Z
?PostCDOCompiled@UObject@@UEAAXXZ
?PostCDOContruct@UObject@@UEAAXXZ
?PostReinitProperties@UObject@@UEAAXXZ
?GetDetailedInfoInternal@UObject@@MEBA?AVFString@@XZ
?OnClusterMarkedAsPendingKill@UObjectBaseUtility@@UEAAXXZ
?CreateCluster@UObjectBaseUtility@@UEAAXXZ
?CanBeInCluster@UObjectBaseUtility@@UEBA_NXZ
?CanBeClusterRoot@UObjectBaseUtility@@UEBA_NXZ
?GetFNameForStatID@UObjectBase@@UEBA?AVFName@@XZ
?DeferredRegister@UObjectBase@@MEAAXPEAVUClass@@PEB_W1@Z
?RegisterDependencies@UObjectBase@@MEAAXXZ
?ProcessEvent@UObject@@UEAAXPEAVUFunction@@PEAX@Z
?GetFunctionCallspace@UObject@@UEAAHPEAVUFunction@@PEAUFFrame@@@Z
?CallRemoteFunction@UObject@@UEAA_NPEAVUFunction@@PEAXPEAUFOutParmRec@@PEAUFFrame@@@Z
?ProcessConsoleExec@UObject@@UEAA_NPEB_WAEAVFOutputDevice@@PEAV1@@Z
?RegenerateClass@UObject@@UEAAPEAVUClass@@PEAV2@PEAV1@@Z
?MarkAsEditorOnlySubobject@UObject@@UEAAXXZ
?CheckDefaultSubobjectsInternal@UObject@@MEBA_NXZ
?ValidateGeneratedRepEnums@UObject@@UEBAXAEBV?$TArray@UFRepRecord@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?SetNetPushIdDynamic@UObject@@EEAAX_K@Z
?GetNetPushIdDynamic@UObject@@UEBA_KXZ
?IsActor@UObject@@UEBA_NXZ
?IsComponent@UObject@@UEBA_NXZ
?IsMarkedForSeamlessTravel@UObject@@UEBA_NXZ
?IsInOrOwnedBy@UObject@@UEBA_NPEBV1@@Z
?SkipSerializedObjectGather@UObject@@UEBA_NAEAV?$TArray@PEAVUObject@@V?$TSizedDefaultAllocator@$0CA@@@@@@Z
?SkipDuringPartialWorldSave@UObject@@UEBA_NXZ
?FinishDestroy@UObject@@UEAAXXZ
?PostEditChangeProperty@UObject@@UEAAXAEAUFPropertyChangedEvent@@@Z
?GetPrivateStaticClassBody@@YAXPEB_W0AEAPEAVUClass@@P6AXXZIIW4EClassFlags@@W4EClassCastFlags@@0P6AXAEBVFObjectInitializer@@@ZP6APEAVUObject@@AEAVFVTableHelper@@@Z$$QEAUFUObjectCppClassStaticFunctions@@P6APEAV1@XZP6APEAV1@XZ@Z
?AddReferencedObjects@UObject@@SAXPEAV1@AEAVFReferenceCollector@@@Z
?DeclareConstructClasses@UObject@@SAXAEAV?$TArray@UFTopLevelAssetPath@@V?$TSizedDefaultAllocator@$0CA@@@@@PEBVUClass@@@Z
?AppendToClassSchema@UObject@@SAXAEAUFAppendToClassSchemaContext@@@Z
?DeclareCustomVersions@UObject@@SAXAEAVFArchive@@PEBVUClass@@@Z
?StaticClass@UObject@@SAPEAVUClass@@XZ
?RegisterCompiledInInfo@@YAXPEB_WPEBUFClassRegisterCompiledInInfo@@_KPEBUFStructRegisterCompiledInInfo@@2PEBUFEnumRegisterCompiledInInfo@@2@Z
?RegisterCompiledInInfo@@YAXP6APEAVUPackage@@XZPEB_WAEAU?$TRegistrationInfo@VUPackage@@UFPackageReloadVersionInfo@@@@AEBUFPackageReloadVersionInfo@@@Z
?GetStaticEnum@@YAPEAVUEnum@@P6APEAV1@XZPEAVUObject@@PEB_W@Z
?ConstructUClass@UECodeGen_Private@@YAXAEAPEAVUClass@@AEBUFClassParams@1@@Z
?ConstructUPackage@UECodeGen_Private@@YAXAEAPEAVUPackage@@AEBUFPackageParams@1@@Z
?ConstructUEnum@UECodeGen_Private@@YAXAEAPEAVUEnum@@AEBUFEnumParams@1@@Z
?StaticAllocateObject@@YAPEAVUObject@@PEBVUClass@@PEAV1@VFName@@W4EObjectFlags@@W4EInternalObjectFlags@@_NPEA_NPEAVUPackage@@@Z
?GetTransientPackage@@YAPEAVUPackage@@XZ
?OverrideConfigSection@UObject@@UEAAXAEAVFString@@@Z
?GetDesc@UObject@@UEAA?AVFString@@XZ

shootergameeditor-engine

?ExtractRootMotion@UAnimSequence@@UEBA?AU?$TTransform@N@Math@UE@@MM_N@Z
?ExtractRootMotionFromRange@UAnimSequence@@UEBA?AU?$TTransform@N@Math@UE@@MM@Z
?LogAnimation@@3UFLogCategoryLogAnimation@@A

shootergameeditor-animationmodifiers

??0UAnimationModifier@@QEAA@XZ
?Z_Construct_UClass_UAnimationModifier@@YAPEAVUClass@@XZ
?GetNativeClassRevision@UAnimationModifier@@MEBAHXZ
??0UAnimationModifier@@QEAA@AEAVFVTableHelper@@@Z
?Serialize@UAnimationModifier@@UEAAXVFStructuredArchiveRecord@@@Z
?PostLoad@UAnimationModifier@@UEAAXXZ
?PostInitProperties@UAnimationModifier@@UEAAXXZ
??1UAnimationModifier@@UEAA@XZ
?StaticConfigName@UAnimationModifier@@SAPEB_WXZ
?StaticClass@UAnimationModifier@@SAPEAVUClass@@XZ
?Serialize@UAnimationModifier@@UEAAXAEAVFArchive@@@Z

shootergameeditor-animationblueprintlibrary

?RemoveCurve@UAnimationBlueprintLibrary@@SAXPEAVUAnimSequence@@VFName@@_N@Z
?AddFloatCurveKey@UAnimationBlueprintLibrary@@SAXPEAVUAnimSequence@@VFName@@MM@Z
?AddCurve@UAnimationBlueprintLibrary@@SAXPEAVUAnimSequence@@VFName@@W4ERawCurveTrackTypes@@_N@Z

vcruntime140

memcpy
__std_terminate
__current_exception
__current_exception_context
__C_specific_handler
memset
__std_type_info_destroy_list

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_register_onexit_function
_initterm_e
terminate
_initterm
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_initialize_onexit_table

kernel32

RtlCaptureContext
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry

Exports

Exports

??$StaticClass@VUDistanceCurveModifier@@@@YAPEAVUClass@@XZ
??$StaticEnum@W4EDistanceCurve_Axis@@@@YAPEAVUEnum@@XZ
?Z_Construct_UClass_UDistanceCurveModifier@@YAPEAVUClass@@XZ
?Z_Construct_UClass_UDistanceCurveModifier_NoRegister@@YAPEAVUClass@@XZ
?Z_Construct_UEnum_AnimationLocomotionLibraryEditor_EDistanceCurve_Axis@@YAPEAVUEnum@@XZ
InitializeModule

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uedbg
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0250bcdc56e4ee139ff4c6f74f3a58d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shootergameeditor-core

shootergameeditor-coreuobject

shootergameeditor-engine

shootergameeditor-animationmodifiers

shootergameeditor-animationblueprintlibrary

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.uedbg Size: 512B - Virtual size: 324B

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 680B

.text
Size: 15KB - Virtual size: 14KB

.uedbg
Size: 512B - Virtual size: 324B

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 680B