51ab8a0f9b5acf2c94723b9f31edf9a101287ea72a8d815cd2068473ab22014c_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

51ab8a0f9b5acf2c94723b9f31edf9a101287ea72a8d815cd2068473ab22014c_NeikiAnalytics.exe
Size

841KB
MD5

be08cc288c599f0bef4788f8861b7a20
SHA1

0377f405f8d18d85246bca93e8c1da7fa8dda9a8
SHA256

51ab8a0f9b5acf2c94723b9f31edf9a101287ea72a8d815cd2068473ab22014c
SHA512

966fb6be097867bd286ef86913e8b150a60eacf097b572d660da4d624f6b8eea312629dccd100ecc091115e09b510ab2069ff3551e889dcc5253cac7a33cd356
SSDEEP

12288:0TV0ZXzcxplqKIcgywLtbcDr1z+vOHgkXoRP6wNij8d8Olgc3KvIwXafbu1bcJdb:83hwLtbc31Ck4NhAfuu1udVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51ab8a0f9b5acf2c94723b9f31edf9a101287ea72a8d815cd2068473ab22014c_NeikiAnalytics.exe

Files

51ab8a0f9b5acf2c94723b9f31edf9a101287ea72a8d815cd2068473ab22014c_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

30139994b5eba18053da03c9e78caf5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\b\build\slave\Win\build\src\build\Release\ffmpegsumo.dll.pdb

Imports

kernel32

CreateEventA
CreateSemaphoreA
CloseHandle
ResetEvent
WaitForSingleObject
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleA
LeaveCriticalSection
GetCurrentProcess
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleTextAttribute
InterlockedExchangeAdd
InterlockedCompareExchange
GetSystemTimeAsFileTime
Sleep
MultiByteToWideChar
EnterCriticalSection
DeleteCriticalSection
GetProcessAffinityMask
InitializeCriticalSection
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetTimeFormatA
GetDateFormatA
GetFileType
CreateFileW
WriteConsoleW
GetModuleFileNameW
DecodePointer
GetCommandLineA
EncodePointer
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
GetTimeZoneInformation
HeapAlloc
HeapSize
HeapQueryInformation
HeapReAlloc
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
ReadFile
LoadLibraryW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RtlUnwind
LCMapStringW
GetStringTypeW
FlushFileBuffers
CompareStringW
SetEnvironmentVariableA

Exports

Exports

av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_destruct_packet
av_dict_get
av_dict_set
av_dup_packet
av_free
av_free_packet
av_get_bytes_per_sample
av_image_check_size
av_image_fill_linesizes
av_index_search_timestamp
av_init_packet
av_lockmgr_register
av_log_set_level
av_malloc
av_new_packet
av_packet_get_side_data
av_packet_split_side_data
av_rdft_calc
av_rdft_end
av_rdft_init
av_read_frame
av_register_all
av_register_bitstream_filter
av_rescale_q
av_samples_get_buffer_size
av_seek_frame
avcodec_align_dimensions
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio4
avcodec_decode_video2
avcodec_find_decoder
avcodec_flush_buffers
avcodec_get_frame_defaults
avcodec_open2
avformat_alloc_context
avformat_close_input
avformat_find_stream_info
avformat_free_context
avformat_open_input
avio_alloc_context
avio_close
avpriv_cga_font
avpriv_mpa_bitrate_tab
avpriv_mpa_freq_tab
avpriv_mpeg4audio_sample_rates
avpriv_vga16_font
ff_raw_pix_fmt_tags

Sections

.text
Size: 562KB - Virtual size: 562KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 663KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30139994b5eba18053da03c9e78caf5e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 562KB - Virtual size: 562KB

.rdata Size: 241KB - Virtual size: 241KB

.data Size: 7KB - Virtual size: 663KB

.rodata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 26KB - Virtual size: 25KB

.text
Size: 562KB - Virtual size: 562KB

.rdata
Size: 241KB - Virtual size: 241KB

.data
Size: 7KB - Virtual size: 663KB

.rodata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 26KB - Virtual size: 25KB