265a6307c897b5a0ce2c5362b652172ce1c1e24f2409b963bb05a6405ac852c3_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

265a6307c897b5a0ce2c5362b652172ce1c1e24f2409b963bb05a6405ac852c3_NeikiAnalytics.exe
Size

3.8MB
MD5

5ff5222db4a5a54e035fd7c65214b4c0
SHA1

d4c1e75855322747450dd737774cb1accc0e2d0e
SHA256

265a6307c897b5a0ce2c5362b652172ce1c1e24f2409b963bb05a6405ac852c3
SHA512

b7b79a78b3456b1231eb81f2f1474c41aec0e9aebbf4feee365595d96d96c20113113280c76cfb4c1b51c929b1a83f916a6ec43a873be3b44a0d2f30894c0127
SSDEEP

49152:beLRjaim2QFKdAV3cCjHYrwQepcjhfWbS7fIFZaZHJtHXVquqB:qLAVaKwPsiXi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
265a6307c897b5a0ce2c5362b652172ce1c1e24f2409b963bb05a6405ac852c3_NeikiAnalytics.exe

Files

265a6307c897b5a0ce2c5362b652172ce1c1e24f2409b963bb05a6405ac852c3_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

ed14ceffa979b57c322a480ad56a8a9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Jamie\Documents\NVIDIA\nvidia-oc\build\Release\gpu_stressor\x64\gpu_stressor.pdb

Imports

advapi32

RegOpenKeyExA
InitializeSecurityDescriptor
OpenEventLogA
CloseEventLog
RegQueryValueExA
ReadEventLogA
RegCloseKey
SetSecurityDescriptorDacl

shell32

SHGetFolderPathW

nvcuda

cuLaunchKernel
cuModuleGetFunction
cuModuleLoadData
cuOccupancyMaxActiveBlocksPerMultiprocessor
cuDeviceGet
cuInit
cuGetErrorName
cuDeviceGetCount
cuDeviceGetAttribute
cuDevicePrimaryCtxRetain

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
ReleaseSRWLockShared
AcquireSRWLockShared
InitializeSRWLock
HeapFree
SetConsoleTextAttribute
GetStdHandle
GetCurrentThreadId
SetEvent
WaitForSingleObjectEx
CloseHandle
HeapAlloc
GetProcessHeap
CreateEventA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetFileSizeEx
FindFirstFileA
SetLastError
WriteFile
FindNextFileA
SetEndOfFile
FindClose
CreateMutexA
WaitForSingleObject
ReleaseMutex
UnmapViewOfFile
GetModuleHandleA
GetLastError
CreateFileA
SwitchToThread
GetProcAddress
SetFilePointerEx
CreateFileMappingA
LocalFree
RemoveDirectoryA
GetCurrentProcessId
CreateDirectoryA
FormatMessageA
GetTickCount
MapViewOfFileEx
GetProcessTimes
GetCurrentProcess
ReleaseSemaphore
DuplicateHandle
Sleep
GetSystemInfo
GetSystemTimeAsFileTime
CreateSemaphoreA
CreateEventW
ResetEvent
ExpandEnvironmentStringsA
LoadLibraryA
FreeLibrary
QueryPerformanceCounter
HeapCreate
HeapDestroy
HeapReAlloc
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryEnterCriticalSection
WakeAllConditionVariable
GetCurrentThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetNativeSystemInfo
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibraryAndExitThread
GetProcessAffinityMask
SetThreadAffinityMask
GetModuleHandleW
LoadLibraryExW
CreateProcessW
LocalAlloc
CreateProcessA
GetSystemDirectoryW
GetFullPathNameW
VerifyVersionInfoW
VerSetConditionMask
GetModuleFileNameW
CreateFileW
lstrcmpA
OutputDebugStringW
MultiByteToWideChar
WideCharToMultiByte
GetExitCodeThread
CreateDirectoryW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
AreFileApisANSI
RtlPcToFileHeader
EncodePointer
DecodePointer
RaiseException
QueueUserWorkItem
GetModuleHandleExW
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SleepConditionVariableSRW
GetCurrentDirectoryW
GetFileAttributesW
DeviceIoControl
OpenEventA
GetLogicalProcessorInformation
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
GetVersionExW
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
IsValidLocale
RtlUnwindEx
ExitProcess
GetFileType
WriteConsoleW
SetStdHandle
ReadFile
ExitThread
SetEnvironmentVariableW
GetDateFormatW
GetTimeFormatW
HeapSize

Exports

Exports

NvOptimusEnablementCuda

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 542KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv_fatb
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ed14ceffa979b57c322a480ad56a8a9b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

shell32

nvcuda

kernel32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 542KB - Virtual size: 541KB

.data Size: 296KB - Virtual size: 333KB

.pdata Size: 83KB - Virtual size: 83KB

.nv_fatb Size: 537KB - Virtual size: 536KB

.nvFatBi Size: 512B - Virtual size: 96B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 580KB - Virtual size: 584KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 542KB - Virtual size: 541KB

.data
Size: 296KB - Virtual size: 333KB

.pdata
Size: 83KB - Virtual size: 83KB

.nv_fatb
Size: 537KB - Virtual size: 536KB

.nvFatBi
Size: 512B - Virtual size: 96B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 580KB - Virtual size: 584KB